[Fedora-directory-devel] LDAP Authentication

J. Hartman joona.hartman at gmail.com
Wed Feb 28 15:02:32 UTC 2007


Hi,

In your client's ldap.conf, the rootbinddn should be set to a real account
object, possibly the "cn=directory manager".

In the access log, you can see that the client is trying to bind as
"dc=example,dc=com" (server's naming context!), and err=48 shows that the
entry doesn't have a userPassword attribute.

Try commenting out the rootbinddn line or use "cn=directory manager".

Regards,
Joona Hartman

On 2/28/07, Michiel van Heukelom - Van Boxtel Software BV <
mvheukelom at van-boxtel-software.nl> wrote:
>
>
>
> Problem with authentication.
>
> I've installed fedora-ds-1.0.4-1.RHEL4.i386.opt.rpm and it seems to be
> working fine. I can manage users by the console. On another machine I want
> to use the directory, but when I log in, in /var/log/messages I get the
> following error:
>
> Feb 23 13:07:59 ldap-vm4 remote(pam_unix)[3885]: check pass; user unknown
>
> Feb 23 13:07:59 ldap-vm4 remote(pam_unix)[3885]: authentication failure;
> logname= uid=0 euid=0 tty=pts/2 ruser= rhost=192.168.100.176
>
> Feb 23 13:07:59 ldap-vm4 remote(pam_unix)[3885]: could not identify user
> (from getpwnam(mvheukelom))
>
> Feb 23 13:07:59 ldap-vm4 login[3885]: User not known to the underlying
> authentication module
>
> On my ldap server the file /opt/fedora-ds/slapd/logs/access
>
> [28/Feb/2007:11:27:49 +0100] conn=250 op=0 BIND dn="dc=example,dc=com"
> method=128 version=3
> [28/Feb/2007:11:27:49 +0100] conn=250 op=0 RESULT err=48 tag=97 nentries=0
> etime=0
> [28/Feb/2007:11:27:51 +0100] conn=251 fd=67 slot=67 connection from
> 192.168.100.118 to 192.168.100.119
> [28/Feb/2007:11:27:51 +0100] conn=251 op=0 BIND dn="dc=example,dc=com"
> method=128 version=3
> [28/Feb/2007:11:27:51 +0100] conn=251 op=0 RESULT err=48 tag=97 nentries=0
> etime=0
> [28/Feb/2007:11:27:51 +0100] conn=251 op=1 UNBIND
> [28/Feb/2007:11:27:51 +0100] conn=251 op=1 fd=67 closed - U1
>
> my ldap.conf on my client:
>
> host 192.168.100.119
>
> base dc=Example,dc=com
>
> rootbinddn dc=example,dc=com
>
> In authconfig I've made the changes to: use ldap and use ldap
> authentication. I've also filled in my server (IP-number) and my base.
>
> Can someone advise me what to check please....
>
>
>
> Best regards,
>
> Michiel van Heukelom
>
> Van Boxtel Software B.V.
>
>
>
>   Phone: +31 (0) 492 - 327 357 Fax:  +31 (0) 492 - 324 326 E-mail:
> mvheukelom at van-boxtel-software.nl Website: www.van-boxtel-software.nl
>
> --
> Fedora-directory-devel mailing list
> Fedora-directory-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>
>
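
The diagnosis in this thread rests on pairing each BIND line in the access log with its RESULT line through the shared conn and op numbers. The following is an added example, not part of the original thread or of Fedora DS, that does this pairing and reports failed binds with the DN that was attempted. The sample log is constructed from the lines quoted above with wrapped lines rejoined; the conn=252 entry and its DN are invented to show a successful bind for contrast.

```python
import re
from collections import Counter

# Constructed sample in the access-log format quoted above (wrapped lines
# rejoined; the conn=252 lines are invented to show a successful bind).
SAMPLE_LOG = """\
[28/Feb/2007:11:27:49 +0100] conn=250 op=0 BIND dn="dc=example,dc=com" method=128 version=3
[28/Feb/2007:11:27:49 +0100] conn=250 op=0 RESULT err=48 tag=97 nentries=0 etime=0
[28/Feb/2007:11:27:51 +0100] conn=251 fd=67 slot=67 connection from 192.168.100.118 to 192.168.100.119
[28/Feb/2007:11:27:51 +0100] conn=251 op=0 BIND dn="dc=example,dc=com" method=128 version=3
[28/Feb/2007:11:27:51 +0100] conn=251 op=0 RESULT err=48 tag=97 nentries=0 etime=0
[28/Feb/2007:11:27:51 +0100] conn=251 op=1 UNBIND
[28/Feb/2007:11:27:52 +0100] conn=252 op=0 BIND dn="uid=proxy,dc=example,dc=com" method=128 version=3
[28/Feb/2007:11:27:52 +0100] conn=252 op=0 RESULT err=0 tag=97 nentries=0 etime=0
"""

# Bind-related LDAP result codes (RFC 4511).
BIND_ERRORS = {48: "inappropriateAuthentication", 49: "invalidCredentials"}

CONN_RE = re.compile(r"conn=(\d+) fd=\d+ slot=\d+ connection from (\S+) to")
BIND_RE = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)"')
RESULT_RE = re.compile(r"conn=(\d+) op=(\d+) RESULT err=(\d+) tag=97")

def failed_binds(log_text):
    """Pair each BIND with its RESULT via (conn, op); return the failures."""
    clients, pending, failures = {}, {}, []
    for line in log_text.splitlines():
        if m := CONN_RE.search(line):
            clients[m.group(1)] = m.group(2)        # conn id -> client address
        elif m := BIND_RE.search(line):
            pending[(m.group(1), m.group(2))] = m.group(3)
        elif m := RESULT_RE.search(line):           # tag=97 is a bind response
            dn = pending.pop((m.group(1), m.group(2)), None)
            err = int(m.group(3))
            if dn is not None and err != 0:
                client = clients.get(m.group(1), "unknown")
                failures.append({"client": client, "dn": dn, "err": err,
                                 "meaning": BIND_ERRORS.get(err, "other")})
    return failures

def summarize(failures):
    """Count failures per (dn, err) so a misconfigured bind DN stands out."""
    return Counter((f["dn"], f["err"]) for f in failures)

if __name__ == "__main__":
    for (dn, err), n in summarize(failed_binds(SAMPLE_LOG)).items():
        print(f"{n}x bind as {dn!r} failed: err={err} {BIND_ERRORS.get(err, '')}")
```

A bind DN that equals the suffix itself and fails repeatedly with err=48 points at a client configuration problem such as the rootbinddn line discussed above, whereas err=49 against a real account entry would indicate a wrong password.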