[Fedora-directory-users] PAM problem - ldap_search_s No such object
George Holbert
gholbert at broadcom.com
Fri Jun 24 17:50:57 UTC 2005
>
>
>Jun 24 16:35:33 xxxxxxxx sshd[780]: pam_ldap: ldap_search_s No such object
>Jun 24 16:35:33 xxxxxxxx sshd[775]: error: PAM: User not known to the
> underlying authentication module for illegal user testeroo from xxxxxxxx
>
Are you using a proxy DN (binddn) in /etc/ldap.conf (pam_ldap config
file)? If so, does this DN exist in the directory?
Nalin Dahyabhai wrote:
>On Fri, Jun 24, 2005 at 04:28:42PM +0100, Billy Allan wrote:
>
>
>>However.... ;-) I'm trying to get a Linux client (SuSe 9.2) to
>>authenticate against the directory, but keep seeing :
>>
>>Jun 24 16:35:33 xxxxxxxx sshd[780]: pam_ldap: ldap_search_s No such object
>>Jun 24 16:35:33 xxxxxxxx sshd[775]: error: PAM: User not known to the
>> underlying authentication module for illegal user testeroo from xxxxxxxx
>>
>>
>
>A "no such object" error suggests that the base DN for the search is
>either not there or inaccessible to the client.
>
>
>
>>I can search the directory from the client (I can get Thunderbird to use
>>it as the addressbook for instance).
>>
>>
>
>I guess that rules out the "object isn't there" theory. Are your
>Thunderbird users authenticating to the directory?
>
>The pam_ldap module needs to convert the user name to the distinguished
>name of an entry in the directory server before it can attempt to bind
>to that entry with the user's password, so you need to provide the
>ability to locate an entry using its "uid" attribute in order for things
>to work.
>
>HTH,
>
>Nalin
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
>
More information about the Fedora-directory-users
mailing list