Aaron/All, I'm seeing the same thing with logins via ssh, on rhel 4 the error logs as: "pam_ldap: error trying to bind as user "uid=name,ou=People,dc=domain,dc=com" (Invalid credentials)" rhel 3: "pam_ldap: error trying to bind as user "uid=name,ou=People,dc=domain,dc=com" (Constraint violation)"

The user works on another rhel4 box with the same config as the one throwing the error, so I'm at a loss.

On 3/5/07, Aaron Cline aaron.cline@gmail.com wrote:

Hello:

I'm using FedoraDS 1.0.3 to perform authentication functions to servers in a DMZ. This morning a user was able to log in but then 1 minute later they tried to use sudo as themselves and they were denied. They continued to be denied for the next 10 minutes before they gave up. I pulled the following errors from the system log of the system they were logged into:

Mar 5 14:24:37 low-tcw-103 sudo(pam_unix)[10957]: check pass; user unknown Mar 5 14:24:37 low-tcw-103 sudo(pam_unix)[10957]: authentication failure; logname=marnelc uid=0 euid=0 tty=pts/1 ruser= rhost= Mar 5 14:24:37 low-tcw-103 sudo[10957]: pam_ldap: error trying to bind as user "uid=marnelc,ou=ISG,ou=Lowell,ou=People,dc=pii-dmz,dc=ext" (Invalid credentials) Mar 5 14:24:43 low-tcw-103 sudo(pam_unix)[10957]: check pass; user unknown Mar 5 14:24:43 low-tcw-103 sudo[10957]: pam_ldap: error trying to bind as user "uid=marnelc,ou=ISG,ou=Lowell,ou=People,dc=pii-dmz,dc=ext" ( Constraint violation)

It looks to me that the first time the user must have typed the wrong password, but after that I don't know what happened.

I don't see any obvious errors in either the access or error log files on the LDAP server. Has anyone seen this before?

Thanks for any info or advice.

Aaron

-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users