pam_ldap

Thomas Cameron thomas.cameron at camerontech.com
Tue Apr 5 15:19:49 UTC 2005


On Tue, 2005-04-05 at 10:30 -0400, Jon Thompson wrote:
> > Ok:  I have a RHEL 3.0 box and a Fedora Core 3.  I am using pam_ldap
> > for system authentication.  They have the exact same configuration
> > files and parameters.  I copied the files from the working box to the
> > malfunctioning system.  I can execute getent passwd and see all of the
> > user names that are available through ldap.  However, when I try and
> > login it fails.  When I try and su to a valid user I get an 'incorrect
> > password' error.  I have tcpdumped the traffic and watched the logs on
> > the ldap server, the system is connecting and there has been no
> > failure due to acls.  However, when I run debug with the pam module I
> > get a pam_ldap: simple bind failure.  Has anyone else come across
> > anything like this?
> >
> > Thanks,
> >
> > Jon
> 
> Yes, I am fighting an LDAP issue right now with RHEL 3.  Can you give a
> little more info?  What LDAP server are you trying to authenticate against?
> 
> Openldap 2.2.6
> 
> 
> Also, what version of nss_ldap are you using?
> 
> RHEL 3 nss_ldap 207-11
> Fedora nss_ldap 220-3
> 
> 
> The interesting thing is that it works without issue when I am not
> using SSL.  It will retrieve user information and authenticate against
> LDAP while not utilizing SSL. Whenever I enable SSL, the password
> authentication portion dies while the getent still works.

Be very careful - I tried to use the FC nss_ldap and was told by RH paid
support that it was not compatible and could not be made compatible with
RHEL 3.

We've been fighting this issue with RHEL since January 31st and we just
came to some sort of conclusion yesterday.

Thomas



