RE: Filter to AND with uid=%s

If I understand what you're saying: you can't telnet to a box
with LDAP under RH 6.2.  Try adding the attributes:
	objectclass: account
	host: box.name.com
to the LDAP user you're trying to log in as.

Clear as mud?  I ran across the same thing and that fixed
it for me.  I was going to do that anyway with the filter
as in your subject line, but it appears that 6.2 is doing
it for you somewhere.  I never did pinpoint where or why.

Good luck,

-----Original Message-----
From: pam-list-admin@redhat.com [mailto:pam-list-admin@redhat.com] On Behalf Of Edwin Whitelaw
Sent: Wednesday, November 15, 2000 3:07 PM
To: pam-list@redhat.com
Subject: Filter to AND with uid=%s

I believe my problem is related to this thread but the point of failure
seems to be whether the host can reverse lookup the client.

In a nutshell:

I can telnet (logind) to the host as long as the client has a reverse

The really odd thing here is I can rlogin using LDAP with OR without the
reverse map.
I'm using the pam.d from the nss_ldap package in RH6.2.  The problem
seems pretty consistent.  I've played around a bit trying pam_pwdb vs
pam_unix but confess that as of this point I have not delved into the

Even when the login fails, the ldap logs show a successful lookup.

Any help appreciated,


Edwin Whitelaw
Principal Engineer - Networking
General Dynamics Advanced Technology Systems
Phone: (336) 698-8396
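
An added illustration, not part of either message above and not pam_ldap's own code: how an extra filter such as objectclass=account or host=box.name.com is ANDed with uid=%s, with the login name escaped per RFC 4515 so it cannot alter the filter. The function names, the assumed filter shape and the sample entries are constructed for this example.

```python
# Added example; names and sample data are hypothetical, not pam_ldap source.

def escape_filter_value(value):
    """Escape the characters RFC 4515 reserves in a filter assertion value."""
    out = []
    for ch in value:
        if ch in '\\*()\x00':
            out.append('\\%02x' % ord(ch))   # e.g. '*' becomes \2a
        else:
            out.append(ch)
    return ''.join(out)

def build_login_filter(username, extra_filter=None):
    """Compose (&(uid=<name>)(<extra>)); assumed shape of the ANDed filter."""
    uid_part = '(uid=%s)' % escape_filter_value(username)
    if not extra_filter:
        return uid_part
    if not extra_filter.startswith('('):
        extra_filter = '(%s)' % extra_filter
    return '(&%s%s)' % (uid_part, extra_filter)

def entry_allows_login(entry, username, host):
    """Evaluate (&(uid=U)(objectclass=account)(host=H)) against one entry.

    entry maps attribute names to lists of values; matching is
    case-insensitive, as it is for these directory attributes.
    """
    def has(attr, wanted):
        values = [v.lower() for v in entry.get(attr, [])]
        return wanted.lower() in values
    return (has('uid', username)
            and has('objectclass', 'account')
            and has('host', host))

# Constructed sample entries: one with the two attributes added, one without.
FIXED_ENTRY = {
    'uid': ['jdoe'],
    'objectclass': ['posixAccount', 'account'],
    'host': ['box.name.com'],
}
ORIGINAL_ENTRY = {
    'uid': ['jdoe'],
    'objectclass': ['posixAccount'],
}

if __name__ == '__main__':
    print(build_login_filter('jdoe', 'objectclass=account'))
    print(entry_allows_login(FIXED_ENTRY, 'jdoe', 'box.name.com'))
    print(entry_allows_login(ORIGINAL_ENTRY, 'jdoe', 'box.name.com'))
```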

