« Return to Thread: Authentication Failure In pam_ldap ?

Re: Authentication Failure In pam_ldap ?

by Jyotishmaan

Hello Alex,

With the changed ldappasswd for the user "jmaan", ldapsearch worked fine as said in an earlier mail; ssh too worked fine, except for the fact that the log on was onto the root directory rather than /home/jmaan.
With the console log in and the new password (got from ldappasswd) of the user jmaan, the following messages were logged into the /var/log/messages file.


Dec 23 16:30:09 authdns gconfd (jmaan-19078): starting (version 2.18.0.1), pid 19078 user 'jmaan'
Dec 23 16:30:09 authdns gconfd (jmaan-19078): Failed to load source "xml:readwrite:/home/jmaan/.gconf": Failed: Could not make directory `/home/jmaan/.gconf': No such file or directory
Dec 23 16:30:09 authdns gconfd (jmaan-19078): Resolved address "xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only configuration source at position 0
Dec 23 16:30:09 authdns gconfd (jmaan-19078): Resolved address "xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only configuration source at position 1
Dec 23 16:30:09 authdns gconfd (jmaan-19078): None of the resolved addresses are writable; saving configuration settings will not be possible
Dec 23 16:30:09 authdns gconfd (jmaan-19078): No writable config sources successfully resolved, may not be able to save some configuration changes
Dec 23 16:30:09 authdns gconfd (jmaan-19078): Failed to open saved state file: Failed: Failed to open gconfd logfile; won't be able to restore listeners after gconfd shutdown (No such file or directory)
Dec 23 16:30:09 authdns gconfd (jmaan-19078): Failed to open saved state file: Failed: Failed to open gconfd logfile; won't be able to restore listeners after gconfd shutdown (No such file or directory)
Dec 23 16:30:09 authdns gconfd (jmaan-19078): Failed to log addition of listener gnome-session (Failed: Failed to open gconfd logfile; won't be able to restore listeners after gconfd shutdown (No such file or directory));will not be able to restore this listener on gconfd restart, resulting in unreliable notification of configuration changes.

Now, what should I do? Is it something with the permissions of various files like the gconfd file etc., to quote?


 
With Thanks and Regards,
Jyotishmaan Ray
Moderator Of Paradise Groups

Are You Spiritually Aware !!! Are You Enjoying Yourself !!! See What All You Had Been Missing !!!!
Please Join Immediately By Sending A Blank Mail @
Spirituality-Paradise-subscribe@...

----- Original Message ----
From: Alex Samad <alex@...>
To: pamldap@...
Sent: Sunday, December 23, 2007 2:05:22 AM
Subject: Re: [pamldap] Authentication Failure In pam_ldap ?

On Fri, Dec 21, 2007 at 11:56:03PM -0800, Jyotishmaan Ray wrote:

> Hi All,
>
> ldapsearch -h <servername> -p <PortNumber> -x -D cn=Manager,dc=nits,dc=ac,dc=in -W -b dc=nits,dc=ac,dc=in '(uid=jmaan*)'
>
> works out fine as said before, but now the /var/log/messages is showing the following errors, when I had been trying continuously to log in from the console on the ldap server machine using the dn of the users "jmaan" and "ldapusr":-
>
> Please give directions/hints so that I can somehow resolve the issues of authentication with pam_ldap?
>
> It seems it could not bind with the ldap server? But then why?

Let's fix one thing at a time.

>
> I had been trying to reset the ldappasswd for these users (jmaan and ldapusr) but again it gives me "invalid credentials" as shown below:
>
> [root@authdns log]# ldappasswd -h localhost -p 389 -x -D uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in -W
> Enter LDAP Password:
> ldap_bind: Invalid credentials (49)

If you look at the command, you are trying to change the password for dn
uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in. Part of the process
is providing the original user's password; if you don't know it, that isn't going
to work.

As with your other problems, a quick scan of the man pages does provide the
answer:

"ldappasswd sets the password of associated with the user [or an optionally
specified user]."

You need to bind as the manager uid and change the password of jmaan:

ldappasswd -h localhost -p 389 -x -D cn=Manager,dc=nits,dc=ac,dc=in -W uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in


Once this works, then try the ldapsearch with the -x -D.

Then try the local login.

>
> The messages from the /var/log/messages are shown below:-
>
> Dec 22 12:59:46 authdns gdm[2361]: pam_ldap: error trying to bind as user "uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" (Invalid credentials)
> Dec 22 12:59:49 authdns gdm[2361]: Couldn't authenticate user
> Dec 22 13:00:39 authdns gdm[2361]: pam_ldap: error trying to bind as user "uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" (Invalid credentials)
> Dec 22 13:00:41 authdns gdm[2361]: Couldn't authenticate user
> Dec 22 13:01:28 authdns gdm[2361]: pam_ldap: error trying to bind as user "uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" (Invalid credentials)
> Dec 22 13:01:32 authdns gdm[2361]: Couldn't authenticate user
> Dec 22 13:03:04 authdns gdm[2361]: pam_ldap: error trying to bind as user "uid=ldapusr,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" (Invalid credentials)
> Dec 22 13:03:07 authdns gdm[2361]: Couldn't authenticate user
>

This is the same issue.

>
> My ldap.conf file of the ldap server machine is show below:
>
> [root@authdns log]# egrep -v '^(^$|#)' /etc/ldap.conf
>
> base dc=nits,dc=ac,dc=in
> timelimit 120
> bind_timelimit 120
> idle_timelimit 3600
> nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon
> uri ldap://127.0.0.1/
> ssl no
> tls_cacertdir /etc/openldap/cacerts
> pam_password md5
>
>
>
> The slapd.conf file of my server machine is as shown below:
>
> [root@authdns log]# egrep -v '^(^$|#)' /etc/openldap/slapd.conf
> include        /etc/openldap/schema/core.schema
> include        /etc/openldap/schema/cosine.schema
> include        /etc/openldap/schema/inetorgperson.schema
> include        /etc/openldap/schema/nis.schema
> include        /etc/openldap/schema/nit.schema
> access to * by * read
>  allow bind_v2
> pidfile        /var/run/openldap/slapd.pid
> argsfile        /var/run/openldap/slapd.args
> database        bdb
> suffix          "dc=nits,dc=ac,dc=in"
> rootdn          "cn=Manager,dc=nits,dc=ac,dc=in"
> rootpw                    {SSHA}Y3RagOP7u3FsNbHCnPVLwsxUepwIgezo
You should have changed the above password before emailing it to anyone.

> directory      /var/lib/ldap
> index objectClass                      eq,pres
> index ou,cn,mail,surname,givenname      eq,pres,sub
> index uidNumber,gidNumber,loginShell    eq,pres
> index uid,memberUid                    eq,pres,sub
> index nisMapName,nisMapEntry            eq,pres,sub
>   
>                                                                                                                             
> access to attrs=userPassword
>          by * auth
>          by  self write
> access to *
>          by *  read
> access to *
>        by dn="cn=Manager,dc=nits,dc=ac,dc=in"  write
>        by dn="uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" read
>        by dn="uid=ldapusr,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" read
>        by dn="uid=usr1,dc=nits,dc=ac,dc=in" read
>        by users read
>        by self write
>        by * read
>                                                                                                                             
> lastmod  on
> access to * by users read
> authz-regexp
>          uid=([^,]*),dc=[^,]*,cn=auth
>          uid=$1,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in
> loglevel        -1
>
> Thank you for taking the effort to read till this line. Now please show me your expertise on this, and let me resolve this authentication?
>
> Jyotishmaan
> Moderator Of Paradise Groups
> http://yahoogroups.com/group/Spirituality-Paradise

>
> ----- Original Message ----
> From: Alex Samad <alex@...>
> To: pamldap@...
> Sent: Friday, December 21, 2007 3:42:30 AM
> Subject: Re: [pamldap] Authentication Failure In pam_ldap ?
>
>
> On Wed, Dec 19, 2007 at 10:59:17PM -0800, Jyotishmaan Ray wrote:
> >
> > Hello Alex,
> >
> > Thank you for giving me tips on ldapsearch with -x and -D.
> >
> > The output of a ldapsearch with -x and -D options is as shown below:-
> >
> > [root@authdns ~]# ldapsearch -h authdns.nits.ac.in -p 389 -x -D cn=Manager,dc=nits,dc=ac,dc=in -W -b dc=nits,dc=ac,dc=in '(uid=jmaan)'
> > Enter LDAP Password:
> > # extended LDIF
> > #
> > # LDAPv3
> > # base <dc=nits,dc=ac,dc=in> with scope subtree
> > # filter: (uid=jmaan)
> > # requesting: ALL
> > #
> >
> > # jmaan, non-teach, compcen, nits.ac.in
> > dn: uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in
> > uid: jmaan
> > cn: jmaan
> > objectClass: account
> > objectClass: posixAccount
> > userPassword:: JDEkOVE1ZDRQdzUkWkl1QlJjQWhLZ0xPREtTR2FrNlhNMQ==
> > loginShell: /bin/bash
> > uidNumber: 623
> > gidNumber: 623
> > homeDirectory: /home/jmaan
> >
> > # search result
> > search: 2
> > result: 0 Success
> >
> > # numResponses: 2
> > # numEntries: 1
> > [root@authdns ~]#
> Great, now you know that cn=Manager,dc=nits,dc=ac,dc=in works.
>
> >
> > The output of ldapsearch when used with -x and -D options with the dn for the user "jmaan" is as shown below when the password for jmaan was used:-
> >
> >
> > [root@authdns ~]# ldapsearch -h authdns.nits.ac.in -p 389 -x -D 'uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in' -W
> > Enter LDAP Password:
> > ldap_bind: Invalid credentials (49)
> > [root@authdns ~]#
>
> This is the test that should have been done from the beginning. You are simulating
> what pamldap does (without SASL auth). I would make sure your -h and -p
> correspond with what you have in your pamldap.conf file.
>
> >
> > When the ldapsearch is used with -x and -D options and the password of the authenticating Manager was used, then the ldapsearch is a successful one as shown below:-
> >
> > [root@authdns ~]# ldapsearch -h authdns.nits.ac.in -p 389 -x -D 'cn=Manager,dc=nits,dc=ac,dc=in' -W '(uid=jmaan)'
> > Enter LDAP Password:
> > # extended LDIF
> > #
> > # LDAPv3
> > # base <> with scope subtree
> > # filter: (uid=jmaan)
> > # requesting: ALL
> > #
> >
> > # jmaan, non-teach, compcen, nits.ac.in
> > dn: uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in
> > uid: jmaan
> > cn: jmaan
> > objectClass: account
> > objectClass: posixAccount
> > userPassword:: JDEkOVE1ZDRQdzUkWkl1QlJjQWhLZ0xPREtTR2FrNlhNMQ==
> > loginShell: /bin/bash
> > uidNumber: 623
> > gidNumber: 623
> > homeDirectory: /home/jmaan
> >
> > # search result
> > search: 2
> > result: 0 Success
> >
> > # numResponses: 2
> > # numEntries: 1
> >
> > Now please give me insights in this!!!! In both of the cases for the user "jmaan" everything matches with the imported file of the user "jmaan" except for the password (where the password was in md5 format while importing). Is it because of this mismatch that I could not log in through the console on the server machine using the user id "jmaan"?
> > Also, are the reasons the same for unsuccessful log on using ssh <hostname> -l <uid>?
> Please forget about ssh until you get the ldap bind working.
> And yes, this is the reason it is not working. Try resetting the password for
> that user. Once you have the ldap bind working, then test logging in from the
> console and then ssh.
>
> Use the admin account to change the password for jmaan.
> >
> > Please let me, Alex!! More to know from you, as I cannot see any other ways!!!!
> >
> >
> >
> > Thanking you,
> >
> > Regards,
> >
> > Jyotishmaan



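One check worth running against the export shown in the thread, as an added example (this is not code from the pamldap list, from pam_ldap or from OpenLDAP): decode the base64 userPassword value returned by the ldapsearch above and look at how slapd will treat it. OpenLDAP compares a userPassword value that carries no {SCHEME} prefix as a cleartext password, so a value that is really a crypt(3) MD5 hash imported without its {CRYPT} prefix can never match what the user types, which produces exactly the "Invalid credentials (49)" seen on the simple bind. The script parses the LDIF entry, classifies the stored value, emits the ldapmodify LDIF that adds the missing prefix, and regenerates an {SSHA} value of the kind slappasswd produces, for replacing the rootpw that was pasted into the mail. The LDIF fragment is constructed for the example (dn and userPassword copied from the thread, other attributes trimmed); the function names are mine, and the {CRYPT} repair assumes the imported hash really is the user's MD5-crypt password and that slapd was built with crypt(3) support.

```python
"""Audit slapd userPassword values and repair a bare crypt(3) hash that was
imported without its {CRYPT} prefix; also mint a fresh {SSHA} rootpw.
Added example for this page, not code from pam_ldap or OpenLDAP."""
import base64
import hashlib
import hmac
import os
import re
from typing import Dict, List, Optional

# Constructed LDIF fragment: dn and userPassword are the values shown in the
# thread's ldapsearch output, the remaining attributes are trimmed.
SAMPLE_LDIF = """\
dn: uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in
uid: jmaan
objectClass: account
objectClass: posixAccount
userPassword:: JDEkOVE1ZDRQdzUkWkl1QlJjQWhLZ0xPREtTR2FrNlhNMQ==
homeDirectory: /home/jmaan
"""

LDIF_LINE = re.compile(r"^([A-Za-z][A-Za-z0-9;-]*)(::?) ?(.*)$")
# RFC 2307 style schemes slapd understands out of the box.
KNOWN_SCHEMES = {"CRYPT", "SSHA", "SHA", "SMD5", "MD5", "CLEARTEXT"}
# Modular crypt(3) ids: $1$ md5crypt, $2*$ bcrypt, $5$ sha256, $6$ sha512.
MODULAR_CRYPT = re.compile(r"^\$(1|2[abxy]?|5|6)\$")


def parse_ldif_entry(text: str) -> Dict[str, List[str]]:
    """Parse one LDIF entry into attribute -> values.
    Handles '::' (base64 values) and folded continuation lines."""
    lines: List[str] = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:      # folded continuation line
            lines[-1] += raw[1:]
        elif raw and not raw.startswith("#"):
            lines.append(raw)
    entry: Dict[str, List[str]] = {}
    for line in lines:
        m = LDIF_LINE.match(line)
        if not m:
            raise ValueError(f"not an LDIF attribute line: {line!r}")
        name, sep, value = m.groups()
        if sep == "::":
            value = base64.b64decode(value).decode("utf-8", "replace")
        entry.setdefault(name, []).append(value)
    return entry


def classify_userpassword(value: str) -> str:
    """How slapd will treat a stored userPassword value. Without a {SCHEME}
    prefix slapd compares the value as cleartext, so a bind with the real
    password fails with Invalid credentials (49)."""
    m = re.match(r"^\{([A-Za-z0-9]+)\}", value)
    if m:
        scheme = m.group(1).upper()
        return scheme if scheme in KNOWN_SCHEMES else "unknown-scheme"
    if MODULAR_CRYPT.match(value):
        return "unprefixed-crypt"
    return "cleartext"


def repair_userpassword(value: str) -> str:
    """Prefix a bare crypt(3) hash with {CRYPT}; leave anything else alone."""
    if classify_userpassword(value) == "unprefixed-crypt":
        return "{CRYPT}" + value
    return value


def ldif_modify_userpassword(dn: str, new_value: str) -> str:
    """LDIF for ldapmodify; apply it bound as the rootdn, not as the user."""
    return (f"dn: {dn}\nchangetype: modify\nreplace: userPassword\n"
            f"userPassword: {new_value}\n-\n")


def audit_entry(entry: Dict[str, List[str]]) -> List[str]:
    """Classification of every userPassword value on the entry."""
    return [classify_userpassword(v) for v in entry.get("userPassword", [])]


def ssha_hash(password: str, salt: Optional[bytes] = None) -> str:
    """RFC 2307 {SSHA}: base64(sha1(password || salt) || salt). slappasswd
    uses a 4-byte random salt; this is a suitable new rootpw value."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def ssha_verify(password: str, stored: str) -> bool:
    """Constant-time check of a candidate password against an {SSHA} value."""
    if not stored.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    calc = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(calc, digest)


if __name__ == "__main__":
    entry = parse_ldif_entry(SAMPLE_LDIF)
    dn = entry["dn"][0]
    for value in entry["userPassword"]:
        print(f"{dn}: stored as {classify_userpassword(value)}")
        if classify_userpassword(value) == "unprefixed-crypt":
            print(ldif_modify_userpassword(dn, repair_userpassword(value)))
    new_rootpw = ssha_hash("replace-me-with-a-real-secret")   # placeholder secret
    print("rootpw", new_rootpw, ssha_verify("replace-me-with-a-real-secret", new_rootpw))
```

If either assumption fails, Alex's route is the right one: bind as the rootdn and run ldappasswd against the user's DN so slapd writes a fresh hash itself, then repeat the ldapsearch -x -D bind as the user before touching the console or ssh. Treat the rootpw that appeared in the mail as compromised regardless; put a new {SSHA} value into slapd.conf and restart slapd.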