Centralized LDAP Authentication using OpenLDAP+OpenSSH+nss_ldap+pam_ldap

Pierangelo Masarati ando at sys-net.it
Mon Nov 29 09:24:16 UTC 2004


> Hi Gary
>
>
> getent passwd iqbala - works perfect
>
> I am almost done. This is where I am stuck
> (almost at the end)
>
> ldaplist -l passwd iqbala

ldaplist is a Solaris-specific tool.

>
> ldaplist: Object not found
>
>
> cat /var/adm/ldap.log
>
> Nov 28 20:46:30 sysldap slapd[1607]: [ID 848112 local4.debug] conn=23
> fd=15 ACCEPT from IP=208.47.0.72:33428 (IP=0.0.0.0:389)
> Nov 28 20:46:30 sysldap slapd[1607]: [ID 998954 local4.debug] conn=23
> op=0 SRCH base="ou=people,dc=qwestip,dc=net" scope=1 deref=3
> filter="(&(objectClass=posixAccount)(uid=iqbala))"
> Nov 28 20:46:30 sysldap slapd[1607]: [ID 362707 local4.debug] conn=23
> op=0 SEARCH RESULT tag=101 err=13 nentries=0 text=TLS confidentiality
> required


^^^ The message looks straightforward: you need to use TLS/SSL to do that.
Or you need to change the configuration of the server so that it accepts
doing that in an insecure manner.  How depends on the server, on its version
and on its current configuration.  It has nothing to do with PAM, though.

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati at sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497



