pam_ldap

Jon Thompson coldsnap at gmail.com
Tue Apr 5 14:30:57 UTC 2005


> Ok:  I have a RHEL 3.0 box and a Fedora Core 3.  I am using pam_ldap
> for system authentication.  They have the exact same configuration
> files and parameters.  I copied the files from the working box to the
> malfunctioning system.  I can execute getent passwd and see all of the
> user names that are available through ldap.  However, when I try and
> login it fails.  When I try and su to a vlaid user I get an 'incorrect
> password' error.  I have tcpdumped the traffic and watched the logs on
> teh ldap server, the system is connecting and there has been no
> failure due to acls.  However, when I run debug withe the pam module I
> get a pam_ldap: simple bind failure.  Has anyone else come across
> anything like this?
>
> Thanks,
>
> Jon

Yes, I am fighting an LDAP issue right now with RHEL 3.  Can you give a
little more info?  What LDAP server are you trying to authenticate against?

Openldap 2.2.6


Also, what version of nss_ldap are you using?

RHEL 3 nss_ldap 207-11
Fedora nss_ldap 220-3


The interesting thing is that it works without issue when I am not
using SSL.  It will retrieve user inforamtion and authenticate against
LDAP while not utilizing SSL. Whenever, I enable SSL the password
authentication portion dies while the getent still works.




More information about the fedora-list mailing list