[Fedora-directory-users] Account Expiration Warning
Jim Summers
jsummers at bachman.cs.ou.edu
Thu Dec 22 14:07:34 UTC 2005
Jim Summers wrote:
>> Where -D is the id listed as proxyagent in ldap.conf, and the password
>> supplied is for that id. If userPassword is returned then you know what
>> is going on.
>>
>> If this is not what is happening, check and make sure you don't have
>> rootbinddn and /etc/ldap.secret set up. If it is actually binding as
>> your rootdn then that is what it could be as well.
>
>
> Welp, I am stumped. Running various ldapsearchs I got the results as
> they should be. Binding as the proxy, no userPassword, binding as an
> admin then I get the userPassword.
>
> I looked in /etc/ and there is not an ldap.secret file, so I guess I do
> not have the rootbinddn setup.
>
> I was thinking of removing the shadowExpire attributes but I am afraid
> if I do that then cron may stop working.
>
> Not sure at this point.
Was doing some more testing this morning. Following along in my
messages file, I noticed that when the testuser logs in, messages are
being logged with pam_unix as the service, for example:
Dec 22 07:56:03 xxxxxxx sshd(pam_unix)[18339]: check pass; user unknown
Dec 22 07:56:03 xxxxxxx sshd(pam_unix)[18339]: authentication failure;
logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=karp.cs.ou.edu
Dec 22 07:56:03 xxxxxxx sshd(pam_unix)[18342]: session opened for user
tulsa by (uid=9018)
I did set the following in sshd_config:
PAMAuthenticationViaKbdInt yes
Ideas / Suggestions?
Thanks,
jim
>
> Thanks,
> jim
>
>
>>
>>
>> Jamie
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
--
Jim Summers
School of Computer Science-University of Oklahoma
-------------------------------------------------
More information about the Fedora-directory-users
mailing list