RHEL3, RHEL4, openssh and openldap
mroth at cfl.rr.com
mroth at cfl.rr.com
Mon Sep 25 20:11:43 UTC 2006
Followup on my own post...
Two things I forgot to add: using Webmin, *it* thinks that the RHEL3 box
is configured to use LDAP, but when I hit the validate configuration
under LDAP clients, it says everything is hunky-dory... except it can't
find a valid user. Meanwhile, using the search ldap option of Webmin,
and using ldapsearch, I can find entries under People, and all have
posixAccounts, etc.
mark
----- Original Message -----
From: mroth at cfl.rr.com
Date: Monday, September 25, 2006 2:01 pm
Subject: RHEL3, RHEL4, openssh and openldap
To: redhat-list at redhat.com
> Hi, folks,
>
> Well, after weeks of fighting, I got openldap working, including
> automounting home directories... but that was between two RHEL4
> boxen. I
> have an RHEL3 box (and no, I don't look to get permission to
> upgrade it
> soon), and I've tried everything, but it seems as though openssh is
> notgoing through PAM to call ldap. On RHEL4, /var/log/secure tells
> me it
> hit LDAP; while on the RHEL3 box, I see nothing, other than password
> failed for <username>.
>
> The RHEL4 are running openssh 3.9.p1-8, pam 0.77-65, and openldap
> 2.2.13-2, and the server's on one of them. The RHEL3 box has openssh
> 3.6.1p2, pam 0.75-67, and openldap 2.0.27 (core, -22, clients, -17).
>
> I've tried running ssh -vvv to get there, and it tells me nothing
> useful, and I've also tried running strace right after attempting
> to log
> on, and the things that make me nervous are a reference to trying to
> open nsswitch.conf, and "... an ex" in the text with it, and then it
> seems to be printing out what you'd get with -?.
>
> Are there any known interoperability issues? Is the version of
> openssh I'm using *really* PAM-enabled?
>
> Clues for the poor?
>
> mark
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
More information about the redhat-list
mailing list