[Fedora-directory-users] Prolem with pam_passthru

Rich Megginson rmeggins at redhat.com
Wed Mar 5 15:21:00 UTC 2008


Giovanni Mancuso wrote:
> The TRACE is:
>
> [04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
> returning NO VALUE
> [04/Mar/2008:19:04:15 +0100] - => slapi_control_present (looking for 
> 2.16.840.1.113730.3.4.2)
> [04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() 
> conn=0xb669b948, handle=3
> [04/Mar/2008:19:04:15 +0100] - <= slapi_control_present 0 (NOT FOUND)
> [04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
> returning NO VALUE
> [04/Mar/2008:19:04:15 +0100] - => slapi_control_present (looking for 
> 1.3.6.1.4.1.42.2.27.8.5.1)
> [04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() 
> conn=0xb669b8a8, handle=3
> [04/Mar/2008:19:04:15 +0100] - <= slapi_control_present 1 (FOUND)
> [04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
> returning NO VALUE
> [04/Mar/2008:19:04:15 +0100] - <= get_ldapmessage_controls 1 controls
> [04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() 
> conn=0xb669b808, handle=3
> [04/Mar/2008:19:04:15 +0100] - => slapi_control_present (looking for 
> 2.16.840.1.113730.3.4.16)
> [04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
> returning NO VALUE
> [04/Mar/2008:19:04:15 +0100] - <= slapi_control_present 0 (NOT FOUND)
> [04/Mar/2008:19:04:15 +0100] - do_bind: version 3 method 0x80 dn 
> uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int
> [04/Mar/2008:19:04:15 +0100] - mapping tree selected backend : userRoot
> [04/Mar/2008:19:04:15 +0100] - Calling plugin 'Legacy replication 
> preoperation plugin' #3 type 401
> [04/Mar/2008:19:04:15 +0100] - Calling plugin 'Multimaster replication 
> preoperation plugin' #4 type 401
> [04/Mar/2008:19:04:15 +0100] - Calling plugin 'PAM Pass Through Auth' 
> #5 type 401
> [04/Mar/2008:19:04:15 +0100] - allow_operation: component identity is NULL
Looks like the bug is here.  The component identity is NULL when it 
should not be.  Can you please file a bug about this issue?
> [04/Mar/2008:19:04:15 +0100] pam_passthru-plugin - Could not find BIND 
> dn uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int (error 32 - No 
> such object)
> [04/Mar/2008:19:04:15 +0100] pam_passthru-plugin - Bind DN 
> [uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int] is invalid or 
> not found
> [04/Mar/2008:19:04:15 +0100] - => send_ldap_result 32::Bind DN 
> [uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int] is invalid or 
> not found
> [04/Mar/2008:19:04:15 +0100] - add_pb
> [04/Mar/2008:19:04:15 +0100] - <= send_ldap_result
> [04/Mar/2008:19:04:15 +0100] - get_pb
> [04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() 
> conn=0xb669b8a8, handle=3
> [04/Mar/2008:19:04:15 +0100] - do_unbind
> [04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
> returning NO VALUE
> [04/Mar/2008:19:04:15 +0100] - => get_ldapmessage_controls
> [04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() 
> conn=0xb669b808, handle=3
> [04/Mar/2008:19:04:15 +0100] - <= get_ldapmessage_controls no controls
> [04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
> returning NO VALUE
> [04/Mar/2008:19:04:15 +0100] - defbackend_noop
> [04/Mar/2008:19:04:16 +0100] - ldbm backend flushing
> [04/Mar/2008:19:04:16 +0100] - ldbm backend done flushing
> [04/Mar/2008:19:04:16 +0100] - ldbm backend flushing
> [04/Mar/2008:19:04:16 +0100] - ldbm backend done flushing
>
>
> Rich Megginson ha scritto:
>> Giovanni Mancuso wrote:
>>> Rich Megginson ha scritto:
>>>> However, if you turn on the TRACE debug log level you might find 
>>>> some clues - 
>>>> http://directory.fedoraproject.org/wiki/FAQ#Troubleshooting
>>>>
>>>> One more thing - in your config you have both
>>> no, sorry, i meant:
>>> the pam_passthru auth works  if  I set
>>> pamIDMapMethod: RDN
>>> but it maps the wrong user
>> Ok.  So this means you have a user uid=username whose pam login is 
>> not "username".
>>>
>>> then if I change the dse.ldif and put
>>> pamIDMapMethod: ENTRY
>>> pamIDAttr:   mail
>>> then the slapi_something_() won't find the entry even if it's there...
>>> anyway yes, I want to use the email as the pam userid.
>>>
>>> I wish it's clearer now..
>> Yes.  So I think the next step will be to turn on TRACE level 
>> debuggging in the error log to see why it cannot find your entry.
>>>
>>> Thx,
>>> Giovanni
>>>
>>>
>>> -- 
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>> ------------------------------------------------------------------------
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>   
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20080305/d9037314/attachment.bin>


More information about the Fedora-directory-users mailing list