LDAP authentication on FC3

Mark msalists at gmx.net
Mon Jun 13 07:03:08 UTC 2005


Hi,

I have a problem using LDAP on FC3 for authentication and login.

So far it worked on FC1 without problems, but the same ldap.conf, nsswitch.conf and system-auth won't work under FC3.

ldap.conf looks like this:

base dc=mydomain,dc=com
host 192.168.1.20
pam_password md5
ssl yes


This gives me the following messages in /var/log/messages:
Jun 12 23:48:27 infra1 sshd(pam_unix)[2716]: check pass; user unknown
Jun 12 23:48:27 infra1 sshd[2716]: pam_ldap: ldap_simple_bind Can't contact LDAP server
Jun 12 23:48:27 infra1 sshd[2716]: pam_ldap: ldap_simple_bind Can't contact LDAP server


Changing the host parameter in ldap.conf to
URI ldaps://192.168.1.20

then gives me a different error message:
Jun 12 23:54:37 infra1 sshd(pam_unix)[2732]: check pass; user unknown
Jun 12 23:54:37 infra1 sshd(pam_unix)[2732]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.29

nscd is NOT running.
Also, I disabled SELinux.

At the same time, finger and groups commands work, I can also pull up the record using ldapsearch...

Any ideas what could be the problem?

Thanks,

MARK