[Fedora-directory-users] Prolem with pam_passthru

Giovanni Mancuso suuuper at messinalug.org
Tue Mar 4 18:05:24 UTC 2008 

The TRACE is:

[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
returning NO VALUE
[04/Mar/2008:19:04:15 +0100] - => slapi_control_present (looking for 
2.16.840.1.113730.3.4.2)
[04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() 
conn=0xb669b948, handle=3
[04/Mar/2008:19:04:15 +0100] - <= slapi_control_present 0 (NOT FOUND)
[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
returning NO VALUE
[04/Mar/2008:19:04:15 +0100] - => slapi_control_present (looking for 
1.3.6.1.4.1.42.2.27.8.5.1)
[04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() 
conn=0xb669b8a8, handle=3
[04/Mar/2008:19:04:15 +0100] - <= slapi_control_present 1 (FOUND)
[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
returning NO VALUE
[04/Mar/2008:19:04:15 +0100] - <= get_ldapmessage_controls 1 controls
[04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() 
conn=0xb669b808, handle=3
[04/Mar/2008:19:04:15 +0100] - => slapi_control_present (looking for 
2.16.840.1.113730.3.4.16)
[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
returning NO VALUE
[04/Mar/2008:19:04:15 +0100] - <= slapi_control_present 0 (NOT FOUND)
[04/Mar/2008:19:04:15 +0100] - do_bind: version 3 method 0x80 dn 
uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int
[04/Mar/2008:19:04:15 +0100] - mapping tree selected backend : userRoot
[04/Mar/2008:19:04:15 +0100] - Calling plugin 'Legacy replication 
preoperation plugin' #3 type 401
[04/Mar/2008:19:04:15 +0100] - Calling plugin 'Multimaster replication 
preoperation plugin' #4 type 401
[04/Mar/2008:19:04:15 +0100] - Calling plugin 'PAM Pass Through Auth' #5 
type 401
[04/Mar/2008:19:04:15 +0100] - allow_operation: component identity is NULL
[04/Mar/2008:19:04:15 +0100] pam_passthru-plugin - Could not find BIND 
dn uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int (error 32 - No 
such object)
[04/Mar/2008:19:04:15 +0100] pam_passthru-plugin - Bind DN 
[uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int] is invalid or not 
found
[04/Mar/2008:19:04:15 +0100] - => send_ldap_result 32::Bind DN 
[uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int] is invalid or not 
found
[04/Mar/2008:19:04:15 +0100] - add_pb
[04/Mar/2008:19:04:15 +0100] - <= send_ldap_result
[04/Mar/2008:19:04:15 +0100] - get_pb
[04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() 
conn=0xb669b8a8, handle=3
[04/Mar/2008:19:04:15 +0100] - do_unbind
[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
returning NO VALUE
[04/Mar/2008:19:04:15 +0100] - => get_ldapmessage_controls
[04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() 
conn=0xb669b808, handle=3
[04/Mar/2008:19:04:15 +0100] - <= get_ldapmessage_controls no controls
[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() 
returning NO VALUE
[04/Mar/2008:19:04:15 +0100] - defbackend_noop
[04/Mar/2008:19:04:16 +0100] - ldbm backend flushing
[04/Mar/2008:19:04:16 +0100] - ldbm backend done flushing
[04/Mar/2008:19:04:16 +0100] - ldbm backend flushing
[04/Mar/2008:19:04:16 +0100] - ldbm backend done flushing


Rich Megginson ha scritto:
> Giovanni Mancuso wrote:
>> Rich Megginson ha scritto:
>>> However, if you turn on the TRACE debug log level you might find 
>>> some clues - 
>>> http://directory.fedoraproject.org/wiki/FAQ#Troubleshooting
>>>
>>> One more thing - in your config you have both
>> no, sorry, i meant:
>> the pam_passthru auth works  if  I set
>> pamIDMapMethod: RDN
>> but it maps the wrong user
> Ok.  So this means you have a user uid=username whose pam login is not 
> "username".
>>
>> then if I change the dse.ldif and put
>> pamIDMapMethod: ENTRY
>> pamIDAttr:   mail
>> then the slapi_something_() won't find the entry even if it's there...
>> anyway yes, I want to use the email as the pam userid.
>>
>> I wish it's clearer now..
> Yes.  So I think the next step will be to turn on TRACE level 
> debuggging in the error log to see why it cannot find your entry.
>>
>> Thx,
>> Giovanni
>>
>>
>> -- 
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080304/b47c60b6/attachment.html>

More information about the 389-users mailing list