pam + ldap: pulling my hair out
Gary Greene
greeneg at tolharadys.net
Wed Jun 3 15:34:23 UTC 2009
On Wednesday 03 June 2009 07:25:53 am Yan Seiner wrote:
> I've been trying to figure out how to get pam authentication working
> with ldap. From what I've read, it should "just work". In my case, it
> "just fails".
>
> No matter what I try, I get
>
> Jun 3 06:16:42 selene dovecot-auth: pam_ldap: reconnecting to LDAP
> server...
> Jun 3 06:16:42 selene dovecot-auth: pam_ldap: ldap_simple_bind Can't
> contact LDAP server
>
> I get this with every service I try; not just imap.
>
> I've turned on debugging in ldap; pam is not connecting to the ldap
> server at all.
>
> AFAICT, I have all of my pam modules set up correctly; at least I've
> followed the debian pam + ldap wiki and it all seems to make sense,
> except that pam never tries to actually connect to port 389.
> /etc/pam_ldap.conf has all the correct uri for the ldap server.
>
> Is there some way to turn on debugging in pam? Some way to see what
> it's doing? A way to examine the modules it's using?
>
> Thanks,
>
> --Yan
There is debugging options for the PADL pam_ldap module for this. Not sure
about /etc/pam_ldap.conf, since the default configuration file for the PADL
module is /etc/ldap.conf, and you of course need to set the right stuff in
nsswitch.conf too.
--
Gary L. Greene, Jr.
Sent from: peorth.tolharadys.net
08:31:00 up 30 days, 57 min, 3 users, load average: 0.67, 0.59, 0.60
==========================================================================
Developer and Project Lead for the AltimatOS open source project
Volunteer Developer for the KDE open source project
See http://www.altimatos.com/ and http://www.kde.org/ for more information
==========================================================================
Please avoid sending me Word or PowerPoint attachments.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/pam-list/attachments/20090603/ba460672/attachment.sig>
More information about the Pam-list
mailing list