[Fedora-directory-users] PAM problem - ldap_search_s No such object
Nalin Dahyabhai
nalin at redhat.com
Fri Jun 24 16:04:48 UTC 2005
On Fri, Jun 24, 2005 at 04:28:42PM +0100, Billy Allan wrote:
> However.... ;-) I'm trying to get a Linux client (SuSe 9.2) to
> authenticate against the directory, but keep seeing :
>
> Jun 24 16:35:33 xxxxxxxx sshd[780]: pam_ldap: ldap_search_s No such object
> Jun 24 16:35:33 xxxxxxxx sshd[775]: error: PAM: User not known to the
> underlying authentication module for illegal user testeroo from xxxxxxxx
A "no such object" error suggests that the base DN for the search is
either not there or inaccessible to the client.
> I can search the directory from the client (I can get Thunderbird to use
> it as the addressbook for instance).
I guess that rules out the "object isn't there" theory. Are your
Thunderbird users authenticating to the directory?
The pam_ldap module needs to convert the user name to the distinguished
name of an entry in the directory server before it can attempt to bind
to that entry with the user's password, so you need to provide the
ability to locate an entry using its "uid" attribute in order for things
to work.
HTH,
Nalin
More information about the Fedora-directory-users
mailing list