[Date Prev][Date Next] [Chronological] [Thread] [Top]

linux pam authentication



I'm having some trouble building an LDAP authentication server.  I'm trying to create a server to provide centralized authentication to a group of identical servers.  I was able to install OpenLDAP, nss_ldap, auth_ldap, etc.  When I place an entry in /etc/pam.d/rlogin and I try to rlogin to the machine I get unpredicted results in both /var/log/messages and in the slapd debug output.
 
At the moment the machine is acting as both the LDAP client and the LDAP server and I think the dn is set correctly in both /etc/openldap/slapd.conf and /etc/ldap.conf.  I can successfully use ldapsearch to browse the directory with the following syntax:
    ldapsearch -v -b "o=Intevo,c=US" 'objectclass=account'
 
Can somepne please help me figure out what the problem is?
 
Thanks,
-Terry
 
 
 
------------
/var/log/messages:
 
May 22 09:19:33 jakethesnake rlogind[2394]: pam_ldap: ldap_search_s No such object
May 22 09:19:33 jakethesnake rlogind[2394]: PAM authentication failed for in.rlogind
 
------------
slapd log:
 
select activity on 1 descriptors
new connection on 7
activity on:
listening for connections on 6, activity on: 7r
before select active_threads 0
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 39 contents:
ber_dump: buf 0x808d490, ptr 0x808d490, end 0x808d4b7
          current len 39, contents:
        02 01 01  `  " 02 01 02 04 15  c  n  =  r  o  o
         t  ,  o  =  I  n  t  e  v  o  ,  c  =  U  S 80
        06  s  e  c  r  e  t
do_bind
listening for connections on 6, activity on: 7rdo_bind: version 2 dn (cn=root,o=Intevo,c=US) method 128
 
before select active_threads 1
==> ldbm_back_bind: dn: CN=ROOT,O=INTEVO,C=US
dn2entry_r: dn: "CN=ROOT,O=INTEVO,C=US"
=> dn2id( "CN=ROOT,O=INTEVO,C=US" )
=> ldbm_cache_open( "/usr/tmp/dn2id.dbb", 7, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id NOID
dn2entry_r: dn: "O=INTEVO,C=US"
=> dn2id( "O=INTEVO,C=US" )
====> cache_find_entry_dn2id: found dn: O=INTEVO,C=US
<= dn2id 2 (in cache)
=> id2entry_r( 2 )
====> cache_find_entry_dn2id: found id: 2 rw: 0
entry_rdwr_rtrylock: ID: 2
<= id2entry_r 0x808dac0 (cache)
====> cache_return_entry_r
entry_rdwr_runlock: ID: 2
do_bind: bound "cn=root,o=Intevo,c=US" to "cn=root, o=Intevo, c=US"
send_ldap_result 0::
ber_flush: 14 bytes to sd 7
         0 0c 02 01 01  a 07 0a 01 00 04 00 04 00
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 53 contents:
ber_dump: buf 0x808d490, ptr 0x808d490, end 0x808d4c5
          current len 53, contents:
        02 01 02  c  0 04 0f  o  =  I  n  t  e  v  o  ,
        20  c  =  U  S 20 0a 01 02 0a 01 00 02 01 01 02
        01 00 01 01 00 a3 0c 04 03  u  i  d 04 05  t  e
         r  r  y  0 00
do_search
listening for connections on 6, activity on: 7r
SRCH "O=INTEVO,C=US " 2 0before select active_threads 1
    1 0 0
begin get_filter
EQUALITY
end get_filter 0
    filter: (uid=TERRY)
    attrs:
send_ldap_result 32::
ber_flush: 14 bytes to sd 7
         0 0c 02 01 02  e 07 0a 01 20 04 00 04 00
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 5 contents:
ber_dump: buf 0x808d5e0, ptr 0x808d5e0, end 0x808d5e5
          current len 5, contents:
        02 01 03  B 00
listening for connections on 6, activity on: 7r
before select active_threads 1
do_unbind