Repair of ldap pam xdm login after disk crash
Peter Fodrek
peter.fodrek at gmail.com
Thu Feb 2 14:45:01 UTC 2017
Dear PAM experts,
I am not to find out cause of problem during repair system with originaly
placed
/boot
/home
/opt
/srv
/tmp
/usr/src
and
/var
directories on crashed RAID controller bus.
I was able to recover system to boot and other things to work exceot one
PAM based xdm, ssh login using remote LDAPS server and It worked before
RAID crash
My state if art is
that
ldapsearch works well in both cases binded to rxisting user or annonymous
user as well
but
pamtester ldap fodrek authenticate open_session
pamtester nss fodrek authenticate open_session
as well as
pamtester sss fodrek authenticate open_session
results in same output
dap_msgfree
pamtester: successfully authenticated
(rdconf1.c:154): You do not exist? fodrek? Success.
(pam_mount.c:598): error expanding configuration
ldap_unbind
ldap_free_connection 1 1
ldap_send_unbind
ber_flush2: 7 bytes to sd 4
0000: 30 05 02 01 05 42 00 0....B.
tls_write: want=36, written=36
0000: .... PS.v
ldap_write: want=7, written=7
0000: ....B.
tls_write: want=31, written=31
0000: .....
...i.9....F..;A
ldap_free_connection: actually freed
tls_write: want=31 error=Bad file descriptor
pamtester: Insufficient credentials to access authentication data
If I do not place open_session in the command last line of output is missing
same ctedential missing output is for acct_mgmt
and chauthtook and authenticate are only operations that works.
Is there anybody who us able to send me any recommendation, what am I to
check
to get PAM to work here,please?
LDAP server is external server
usage of
pam-auth-update --force
only allow me to get system into logging with unix authentofication method
but automatic logout after several seconds
when I disable AFS session mamagement on Ubuntu 16.10 system
But I am not able to log in using LDAP account in thos case,too.
Originally there were system configured to use both PAM for log and SASL
for Subversion repository access control.
Thank you for any answer
I look forward hearing from you
Yours faithfully
Peter Fodrek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20170202/c36b31e6/attachment.htm>
More information about the Pam-list
mailing list