RHEL3, RHEL4, openssh and openldap

[mroth at cfl.rr.com]

Followup on my own post...

Two things I forgot to add: using Webmin, *it* thinks that the RHEL3 box
is configured to use LDAP, but when I hit the validate configuration
under LDAP clients, it says everything is hunky-dory... except it can't
find a valid user. Meanwhile, using the search ldap option of Webmin,
and using ldapsearch, I can find entries under People, and all have
posixAccounts, etc.

   mark

----- Original Message -----
From: mroth at cfl.rr.com
Date: Monday, September 25, 2006 2:01 pm
Subject: RHEL3, RHEL4, openssh and openldap
To: redhat-list at redhat.com

> Hi, folks,
> 
>   Well, after weeks of fighting, I got openldap working, including
> automounting home directories... but that was between two RHEL4 
> boxen. I
> have an RHEL3 box (and no, I don't look to get permission to 
> upgrade it
> soon), and I've tried everything, but it seems as though openssh is 
> notgoing through PAM to call ldap. On RHEL4, /var/log/secure tells 
> me it
> hit LDAP; while on the RHEL3 box, I see nothing, other than password
> failed for <username>.
> 
>   The RHEL4 are running openssh 3.9.p1-8, pam 0.77-65, and openldap
> 2.2.13-2, and the server's on one of them. The RHEL3 box has openssh
> 3.6.1p2, pam 0.75-67, and openldap 2.0.27 (core, -22, clients, -17).
> 
>   I've tried running ssh -vvv to get there, and it tells me nothing
> useful, and I've also tried running strace right after attempting 
> to log
> on, and the things that make me nervous are a reference to trying to
> open nsswitch.conf, and "... an ex" in the text with it, and then it
> seems to be printing out what you'd get with -?.
> 
>   Are there any known interoperability issues? Is the version of
> openssh I'm using *really* PAM-enabled?
> 
>   Clues for the poor?
> 
>     mark
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>