[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Strange Pam-Ldap authentication issue



Hi Joshua 
> Hello, I'm sorry I know pam/ldap integration is passe, but I've got a
> strange problem. I've setup the padl libnss-ldap and pam-ldap, and

Sorry, I missed that you did setup lib_nss.

> everything seems to be working. I have all my user accounts imported into
> Ldap, and I've added one extra user account to LDAP (but not
> in /etc/passwd) to test with. Here is what I can and cannot do:
> - "finger test-user" works, and I get a listing of the shell, home folder,
> etc.

Do you use the "normal" fingerd or the one from OpenLDAP?
 
> - "chown test-user testfile.txt" does NOT work.
> 
> logging in as test-user authenticates _IF_ I include the following line
> in /etc/passwd:
> 
> test-user:x:2000:2000:::/bin/bash

Remove this entry again, try a "getent passwd" and see is the ldap-only
user shows up. This query will use nss for lookup. If test-user isn't
included, then there's something wrong with your nss_ldap setup.
 
-- 
Norbert Klasen
DFN Directory Services                           tel: +49 7071 29 70335
ZDV, Universität Tübingen                        fax: +49 7071 29 5912
Wächterstr. 76, 72074 Tübingen              http://www.directory.dfn.de
Germany                             norbert.klasen@zdv.uni-tuebingen.de