Check if you have pam_tally configured.
Maybe, the user failed it's password and you need to reset the failed login
attempts.
Para
<fedora-directory-users(a)redhat.c
om>
"Ken Marsh" cc
<kmarsh(a)gdrs.com>
Enviado por: Asunto
fedora-directory-users-b [Fedora-directory-users]
ounces(a)redhat.com Authentication problems between
FDS 1.0.1-4 on RHES 4u4
29/05/2008 02:27 p.m. Clasificación
Uso Interno
Por favor, responda a
"General discussion list
for the Fedora Directory
server project."
<fedora-directory-users@
redhat.com>
Hi,
I have a curious problem where a few (important) users cannot log into
the Red Hat Enterprise Server 4 update 4 systems. However, most users
(including myself) can log in. These users can log in fine to ldap'd
RHES3 Update 6 systems.
The FDS logs indicate a normal fetch of the user's attributes with no
errors. The /var/log/secure on Red Hat 4 simply says
sshd[8898]: Failed password for <username> from <hex>...
Yet they can log into other LDAP based systems, including a few other
RHE4 systems, that all go back to the same FDS.
I have deleted their accounts and recreated them, which usually fixes
strange problems like this, but no luck. Some accounts are old (date
back to FDS 7.1) and others are new.
I examined the DS attributes for these users, and the only difference I
could find was the "Object class" attribute was missing the "account"
value. So, I added it, but to no avail.
I compared /etc/pam.d/system-auth and they are essentially identical
between RHES3 and 4 systems.
/var/log/secure also has a "error" Could not get shadow information for
<username>" but that happens on all users. It seems to be a soft error,
but I would like to get rid of it.
Can anyone give me a clue where to look?
Thanks!
Ken
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
========================================================================================
AVISO LEGAL: Esta información es privada y confidencial y está dirigida
únicamente a su destinatario. Si usted no es el destinatario original de
este mensaje y por este medio pudo acceder a dicha información por favor
elimine el mensaje. La distribución o copia de este mensaje está
estrictamente prohibida. Esta comunicación es sólo para propósitos de
información y no debe ser considerada como propuesta, aceptación ni como
una declaración de voluntad oficial de NUCLEO S.A. La transmisión de
e-mails no garantiza que el correo electrónico sea seguro o libre de error.
Por consiguiente, no manifestamos que esta información sea completa o
precisa. Toda información está sujeta a alterarse sin previo aviso.
This information is private and confidential and intended for the
recipient only. If you are not the intended recipient of this message you
are hereby notified that any review, dissemination, distribution or
copying of this message is strictly prohibited. This communication is for
information purposes only and shall not be regarded neither as a proposal,
acceptance nor as a statement of will or official statement from NUCLEO
S.A. . Email transmission cannot be guaranteed to be secure or error-free.
Therefore, we do not represent that this information is complete or
accurate and it should not be relied upon as such. All information is
subject to change without notice.