[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

pam_ldap, authconfig, sshd



Hi all. 

In 7.3, I was able to do a simple setup of an ldap client against an
openldap server (also under linux), and all of my services (mainly ssh)
worked using ldap as the authentication method. 

Setting up an ldap client in Redhat 9, though it seemed easier at first,
doesn't seem to have covered all of my bases, and I'm having a bit of
trouble.

It seems that logging in on the console works wonderfully. Just using
authconfig to do the setup works great. However, though my
/etc/pam.d/system-auth file includes pam_ldap for just about everything,
and /etc/pam.d/sshd points to system-auth, it would appear as though
something is awry, because I keep getting 'Permission Denied' errors
trying to log in via ssh to the client machine. 

The ldap server's logs *do* show that there is a query coming across,
and also that the search being performed for the user are successful,
but I don't see a BIND operation occurring, and ssh simply fails. The
same user can log in at the console (lest we suspect a mistyped or
forgotten password, or a misconfigured /etc/ldap.conf file). Also, only
'files ldap' exists in nsswitch for passwd/shadow/group.

Has anyone come across this? I have this list archived locally in my
evolution client back to November, and it seems this particular problem
hasn't really surfaced. 

While I'm here, where's the 'system-auth' manpage - where is that
covered? 

Thanks for your time. 




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]