Re: Authentication Failure In pam_ldap ?

by Alex Samad

On Thu, Dec 13, 2007 at 11:23:17PM -0800, jyotishmaan@... wrote:

> Hello Alex,
>
> Please find below the reply of your mail.
>
> Alex Samad wrote:
> >
> > Can the user log in via a console? Does that work?
> > On Wed, Dec 12, 2007 at 04:55:57AM -0800, Jyotishmaan wrote:
> >>
> >> Dear pam_ldap experts,
> >>
> > [snip]
> >
> >> [root@authdns etc]# ldapwhoami
> >> SASL/DIGEST-MD5 authentication started
> >> Please enter your password:
> >> ldap_sasl_interactive_bind_s: Invalid credentials (49)
> >>         additional info: SASL(-13): user not found: no secret in database
> >> [root@authdns etc]#
> >
> > You are trying to bind with SASL; is that set up? You might want to try
> > ldapwhoami with -D.
>
>
>
> This command, ldapwhoami -D, does not give a successful result.
>
> [root@authdns etc]# ldapwhoami
> SASL/DIGEST-MD5 authentication started
> Please enter your password:
> ldap_sasl_interactive_bind_s: Invalid credentials (49)
>         additional info: SASL(-13): user not found: no secret in database
> [root@authdns etc]#
>
>
> Now when I tried using the command ldapsearch as shown below, it didn't work fine. It is shown below:
>
> [root@authdns bin]# ldapsearch  -D  'uid=jmaan,stornt=non-teach,bn =compcen,dc=nits,dc=ac,dc=in'
> SASL/DIGEST-MD5 authentication started
> Please enter your password:
> ldap_sasl_interactive_bind_s: Invalid credentials (49)
>         additional info: SASL(-13): user not found: no secret in database
> [root@authdns bin]# ldapsearch  -W  -D  'uid=jmaan,stornt=non-teach,bn =compcen,dc=nits,dc=ac,dc=in'
> Enter LDAP Password:
> SASL/DIGEST-MD5 authentication started
> ldap_sasl_interactive_bind_s: Invalid credentials (49)
>         additional info: SASL(-13): user not found: no secret in database
> [root@authdns bin]#
>
>
> [root@authdns bin]# ldapsearch  -x -b  'uid=jmaan,stornt=non-teach,bn =compcen,dc=nits,dc=ac,dc=in'
> # extended LDIF
> #
> # LDAPv3
> # base <uid=jmaan,stornt=non-teach,bn =compcen,dc=nits,dc=ac,dc=in> with scope subtree
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # jmaan, non-teach, compcen, nits.ac.in
> dn: uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in
> uid: jmaan
> cn: jmaan
> objectClass: account
> objectClass: posixAccount
> loginShell: /bin/bash
> uidNumber: 623
> gidNumber: 623
> homeDirectory: /home/jmaan
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
> [root@authdns bin]#
>
> However, when ldapsearch is run with the -x -b options, it executes successfully. The same command doesn't work with the -W and -D options.
>
> The option -x means without using SASL;
> however, the option -b probably means the base? (I will check it out.)
> Please tell me why I am not able to log on to the server machine as "jmaan" or "ldapusr"?
> Also, why is ssh authdns.nits.ac.in -l jmaan or ldapusr not working fine?
>
> Please give reasons why they are failing?
You need to try -x for simple auth (do you have SASL set up?) and -D to provide
the bind cn; all you have done above is prove you have anonymous access and
that the dn uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in exists.

>
> Thank you so much for the fast responses!
>
>
> Jyotishmaan
>
>
>
>  
> >>
> >> Also please see the log of the /var/log/messages file for the errors when the
> >> user ldapusr/jmaan tried logging onto the LDAP server machine, through the
> >> GUI of Linux Fedora OS.
> >>
> >>
> >> Dec 12 14:30:41 authdns gdm[4091]: Couldn't authenticate user
> >> Dec 12 14:30:50 authdns gdm[4091]: pam_ldap: error trying to bind as user
> >> "uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" (Invalid
> >> credentials)
> > Sounds like password problems.
> >
> > Try
> >
> > ldapsearch -D "uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" -x
> >
> > Once that is working, then move on to the PAM problem.
> >
> >
> > [snip]
> >
> > Might also want to try logging in via a console as well.
> >>
> >>
> >> Please kindly let me know where and why my authentication is failing?
> >>
> >> With Warm Cheering Regards,
> >> Jyotishmaan http://www.nabble.com/file/p14292650/ldap.conf ldap.conf
> >>
> >>
> >
> >  
> >
> Quoted from:
> http://www.nabble.com/Authentication-Failure-In-pam_ldap---tp14292650p14327472.html
>
>
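
The bind modes behind the command lines in this thread, as an added example that is not part of the original messages: a shell function that reads OpenLDAP client flags and reports which bind the client will attempt, which shows why `-x -b` only proves anonymous access while `-x -W -D` actually tests the user's password. The function name `bind_mode` and its four labels are assumptions made for this example; it assumes a client built with SASL support, as in the thread, and contacts no server.

```shell
#!/bin/sh
# Classify the bind an OpenLDAP client (ldapsearch, ldapwhoami) will attempt,
# from its command-line flags alone.
#   sasl             no -x: the client starts a SASL bind (DIGEST-MD5 in the thread)
#   anonymous        -x without -D: simple bind with no identity
#   unauthenticated  -x and -D but no password option: the DN is sent with an
#                    empty password (RFC 4513 unauthenticated bind), so no
#                    password is verified
#   simple           -x, -D and one of -W/-w/-y: the entry's password is checked
bind_mode() {
    simple=0; dn=""; pw=0; prev=""
    for arg in "$@"; do
        if [ -n "$prev" ]; then          # this word is the previous option's value
            [ "$prev" = "-D" ] && dn=$arg
            prev=""
            continue
        fi
        case "$arg" in
            -x) simple=1 ;;
            -W) pw=1 ;;                  # prompt for the password
            -w|-y) pw=1; prev=$arg ;;    # password or password file follows
            -D|-b|-H|-s|-U|-Y) prev=$arg ;;
        esac
    done
    if [ "$simple" -eq 0 ]; then echo sasl
    elif [ -z "$dn" ]; then echo anonymous
    elif [ "$pw" -eq 0 ]; then echo unauthenticated
    else echo simple
    fi
}

# Entry DN as returned by the anonymous search in the thread.
DN='uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in'

bind_mode                                   # plain ldapwhoami
bind_mode -W -D "$DN"                       # -W -D without -x
bind_mode -x -b "$DN"                       # the search that succeeded
bind_mode -D "$DN" -x                       # -D and -x, no password option
bind_mode -x -W -D "$DN" -b "$DN" -s base   # password-checked simple bind
```

Only the last form exercises the same credential check that pam_ldap reports failing in /var/log/messages.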

