[Fedora-directory-users] pam_ldap: error trying to bind as user (Constraint violation)
Aaron Cline
aaron.cline at gmail.com
Mon Mar 5 16:08:11 UTC 2007
Hello:
I'm using FedoraDS 1.0.3 to perform authentication functions to servers in a
DMZ. This morning a user was able to log in but then 1 minute later they
tried to use sudo as themselves and they were denied. They continued to be
denied for the next 10 minutes before they gave up. I pulled the following
errors from the system log of the system they were logged into:
Mar 5 14:24:37 low-tcw-103 sudo(pam_unix)[10957]: check pass; user unknown
Mar 5 14:24:37 low-tcw-103 sudo(pam_unix)[10957]: authentication failure;
logname=marnelc uid=0 euid=0 tty=pts/1 ruser= rhost=
Mar 5 14:24:37 low-tcw-103 sudo[10957]: pam_ldap: error trying to bind as
user "uid=marnelc,ou=ISG,ou=Lowell,ou=People,dc=pii-dmz,dc=ext" (Invalid
credentials)
Mar 5 14:24:43 low-tcw-103 sudo(pam_unix)[10957]: check pass; user unknown
Mar 5 14:24:43 low-tcw-103 sudo[10957]: pam_ldap: error trying to bind as
user "uid=marnelc,ou=ISG,ou=Lowell,ou=People,dc=pii-dmz,dc=ext" (Constraint
violation)
It looks to me that the first time the user must have typed the wrong
password, but after that I don't know what happened.
I don't see any obvious errors in either the access or error log files on
the LDAP server. Has anyone seen this before?
Thanks for any info or advice.
Aaron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070305/07aa2495/attachment.htm>
More information about the Fedora-directory-users
mailing list