I'm having some trouble building an LDAP authentication server. I'm trying
to create a server to provide centralized authentication to a group of
identical servers. I was able to install OpenLDAP, nss_ldap, auth_ldap, etc.
When I place an entry in /etc/pam.d/rlogin and I try to rlogin to the machine
I get unpredicted results in both /var/log/messages and in the slapd debug
output.

At the moment the machine is acting as both the LDAP client and the LDAP
server and I think the dn is set correctly in both /etc/openldap/slapd.conf
and /etc/ldap.conf. I can successfully use ldapsearch to browse the directory
with the following syntax:

ldapsearch -v -b "o=Intevo,c=US" 'objectclass=account'

Can someone please help me figure out what the problem is?

Thanks,
-Terry
------------
/var/log/messages:
May 22 09:19:33 jakethesnake rlogind[2394]: pam_ldap: ldap_search_s No such object
May 22 09:19:33 jakethesnake rlogind[2394]: PAM authentication failed for in.rlogind
------------
slapd log:
select activity on 1 descriptors
new connection on 7
activity on:
listening for connections on 6, activity on: 7r
before select active_threads 0
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 39 contents:
ber_dump: buf 0x808d490, ptr 0x808d490, end 0x808d4b7
current len 39, contents:
02 01 01 ` " 02 01 02 04 15 c n = r o o t , o = I n t e v o , c = U S 80 06 s e c r e t
do_bind
listening for connections on 6, activity on: 7rdo_bind: version 2 dn (cn=root,o=Intevo,c=US) method 128
before select active_threads 1
==> ldbm_back_bind: dn: CN=ROOT,O=INTEVO,C=US
dn2entry_r: dn: "CN=ROOT,O=INTEVO,C=US"
=> dn2id( "CN=ROOT,O=INTEVO,C=US" )
=> ldbm_cache_open( "/usr/tmp/dn2id.dbb", 7, 600 )
<= ldbm_cache_open (cache 0)
<= dn2id NOID
dn2entry_r: dn: "O=INTEVO,C=US"
=> dn2id( "O=INTEVO,C=US" )
====> cache_find_entry_dn2id: found dn: O=INTEVO,C=US
<= dn2id 2 (in cache)
=> id2entry_r( 2 )
====> cache_find_entry_dn2id: found id: 2 rw: 0
entry_rdwr_rtrylock: ID: 2
<= id2entry_r 0x808dac0 (cache)
====> cache_return_entry_r
entry_rdwr_runlock: ID: 2
do_bind: bound "cn=root,o=Intevo,c=US" to "cn=root, o=Intevo, c=US"
send_ldap_result 0::
ber_flush: 14 bytes to sd 7
0 0c 02 01 01 a 07 0a 01 00 04 00 04 00
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 53 contents:
ber_dump: buf 0x808d490, ptr 0x808d490, end 0x808d4c5
current len 53, contents:
02 01 02 c 0 04 0f o = I n t e v o , 20 c = U S 20 0a 01 02 0a 01 00 02 01 01 02 01 00 01 01 00 a3 0c 04 03 u i d 04 05 t e r r y 0 00
do_search
listening for connections on 6, activity on: 7r
SRCH "O=INTEVO,C=US " 2 0before select active_threads 1
1 0 0
begin get_filter
EQUALITY
end get_filter 0
filter: (uid=TERRY)
attrs:
send_ldap_result 32::
ber_flush: 14 bytes to sd 7
0 0c 02 01 02 e 07 0a 01 20 04 00 04 00
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 5 contents:
ber_dump: buf 0x808d5e0, ptr 0x808d5e0, end 0x808d5e5
current len 5, contents:
02 01 03 B 00
listening for connections on 6, activity on: 7r
before select active_threads 1
do_unbind
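
------------
Added example, not part of the original post: a short Python decoder for the 53-byte search request in the slapd log above and the 14-byte reply that follows it. It shows the search base exactly as the client sent it, including the byte 20 after c=US, and the result code 32 that slapd returned. The byte strings are re-typed from the log, and the function names are hypothetical.

```python
# Added example: bytes re-typed from the "len 53" ber_dump and the ber_flush
# after it (the dump prints printable bytes as ASCII: "c"=0x63, "0"=0x30, "e"=0x65).
SEARCH_REQ = bytes.fromhex(
    "3035" "020102" "6330"                  # SEQUENCE(53), messageID 2, SearchRequest(48)
    "040f" + b"o=Intevo, c=US ".hex() +     # baseObject: 15 bytes, as sent by the client
    "0a0102" "0a0100" "020101" "020100" "010100"  # scope, deref, size, time, typesOnly
    "a30c" "0403" + b"uid".hex() + "0405" + b"terry".hex() +  # filter (uid=terry)
    "3000"                                  # empty attribute list
)
SEARCH_RES = bytes.fromhex("300c" "020102" "6507" "0a0120" "0400" "0400")
RESULT_NAMES = {0: "success", 32: "noSuchObject"}  # subset of LDAP result codes


def tlv(buf, pos=0):
    """Read one BER element with a short-form length: (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    end = pos + 2 + length
    if length & 0x80 or end > len(buf):
        raise ValueError("long-form or truncated element")
    return tag, buf[pos + 2:end], end


def elements(buf):
    """Split a constructed value into its (tag, value) children."""
    out, pos = [], 0
    while pos < len(buf):
        tag, val, pos = tlv(buf, pos)
        out.append((tag, val))
    return out


def decode_search(msg):
    (_, msgid), (op, req) = elements(tlv(msg)[1])
    if op != 0x63:
        raise ValueError("not a SearchRequest")
    f = elements(req)
    base = f[0][1].decode("ascii")
    attr, value = (v.decode("ascii") for _, v in elements(f[6][1]))
    return {"msgid": msgid[0], "base": base, "scope": f[1][1][0],
            "filter": (attr, value),
            "base_edge_whitespace": base != base.strip()}


def decode_result(msg):
    (_, msgid), (_, res) = elements(tlv(msg)[1])
    code = elements(res)[0][1][0]
    return msgid[0], code, RESULT_NAMES.get(code, "other")


if __name__ == "__main__":
    print(decode_search(SEARCH_REQ))
    print(decode_result(SEARCH_RES))
```

The decoded base differs from the one passed to ldapsearch only in whitespace, so the base line in /etc/ldap.conf is worth checking for a trailing space.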