Re: Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server

---

• From: ay0my <no-reply-gw@xxxxxxxxxxxxxxxxx>
• Date: Mon, 19 Jun 2006 12:05:13 +0200

---

Hi,


Nigel:
"Look for pam_check_host_attr, pam_groupdn and pam_member_attribute."

These 3 attributes in /etc/ldap.conf are commented out with a #, hence I do not think they are causing the problem.

Gordon:
The /etc/pam.d/system-auth is attached below. Apologize that I do not know what to look for in this file. Thanks for your advise.

[root@sspxz1000 pam.d]# cat system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so

account required pam_unix.so broken_shadow
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_ldap.so
account required pam_permit.so

password requisite pam_cracklib.so try_first_pass retry=3
password sufficient pam_unix.so shadow nullok try_first_pass use_authtok
password sufficient pam_ldap.so use_authtok
password required pam_deny.so

session required pam_limits.so
session required pam_unix.so
session optional pam_ldap.so
[root@sspxz100 pam.d]#

Regards






--
This is an email sent via the webforum on http://fcp.homelinux.org
http://fcp.homelinux.org/modules/newbb/viewtopic.php?post_id=94215&topic_id=21829&forum=28#forumpost94215

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

---

• Follow-Ups:
  • Re: Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server
    • From: Nigel Wade
  • Re: Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server
    • From: Gordon Messmer
  • Re: Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server
    • From: ay0my

• References:
  • Re: Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server
    • From: Nigel Wade

• Prev by Date: Re: set a persistent route
• Next by Date: Re: Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server
• Previous by thread: Re: Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server
• Next by thread: Re: Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server
• Index(es):
  • Date
  • Thread

---

Relevant Pages Problems with VSFTP authenticating agains LDAP ... LDAP server and troubles started. ... account sufficient pam_ldap.so ... password sufficient pam_ldap.so ... session sufficient pam_ldap.so ... (comp.os.linux.setup) root authentication problem with LDAP ... I'm using openLDAP to authenticate users in my network, the problem I have is that when the LDAP server is down or unreachable, I cannot login as root, although is a local user, that's a complication to me when I have to work in a server that has lost the connection to the network. ... account sufficient pam_succeed_if.so uid < 500 quiet ... password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok ... (Fedora) RE: Cant authenticate to LDAP domain with Redhat9 ... account sufficient /lib/security/pam_ldap.so ... password sufficient /lib/security/pam_unix.so nullok md5 shadow ... Cant authenticate to LDAP domain with Redhat9 ... > unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe ... (RedHat)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)