thanks
Kyle,
I added
use_first_pass at the end of each pam_openldap.so.1 line and now I am only
prompted for one login each time I am trying to log-in.
But the problem
stays the same. I can't log in. Login is apparently incorrect.
Beside this I have
installed proftpd with mod_ldap. This works pretty good. I can login with
"helene" without any problem. But this has obviously nothing to do with this pam
problem. Just to say that user helene and all the ldap stuff is set up
correctely.
/var/log/pamlog
tells :
Aug 2 15:32:57
x1.wynanet.ch PAM: [ID 702575 auth.debug] pam_start(telnet ) - debug =
1
Aug 2 15:32:57 x1.wynanet.ch PAM: [ID 859314 auth.debug] pam_set_item(1) Aug 2 15:32:57 x1.wynanet.ch PAM: [ID 859314 auth.debug] pam_set_item(2) Aug 2 15:32:57 x1.wynanet.ch PAM: [ID 859314 auth.debug] pam_set_item(5) Aug 2 15:32:57 x1.wynanet.ch PAM: [ID 859314 auth.debug] pam_set_item(3) Aug 2 15:32:57 x1.wynanet.ch PAM: [ID 859314 auth.debug] pam_set_item(4) Aug 2 15:32:57 x1.wynanet.ch login: [ID 859314 auth.debug] pam_set_item(9) Aug 2 15:32:57 x1.wynanet.ch login: [ID 207130 auth.debug] pam_authenticate() Aug 2 15:32:57 x1.wynanet.ch login: [ID 305314 auth.debug] load_modules: /usr/lib/security/pam_openldap.so.1 Aug 2 15:32:57 x1.wynanet.ch login: [ID 265225 auth.debug] load_function: successful load of pam_sm_authenticate Aug 2 15:32:57 x1.wynanet.ch login: [ID 305314 auth.debug] load_modules: /usr/lib/security/pam_unix.so Aug 2 15:32:57 x1.wynanet.ch login: [ID 265225 auth.debug] load_function: successful load of pam_sm_authenticate Aug 2 15:33:00 x1.wynanet.ch login: [ID 859314 auth.debug] pam_set_item(2) Aug 2 15:33:01 x1.wynanet.ch login: [ID 427203 auth.debug] pam_authenticate: error No account present for user Aug 2 15:33:01 x1.wynanet.ch login: [ID 553197 auth.debug] nss_ldap: __session.ls_conn=0, __pid=-1, pid=10467, __euid=-1, euid=0 Aug 2 15:33:01 x1.wynanet.ch login: [ID 553197 auth.debug] nss_ldap: __session.ls_conn=31e80, __pid=10467, pid=10467, __euid=0, euid=0 Aug 2 15:33:03 x1.wynanet.ch login: [ID 859314 auth.debug] pam_set_item(6) Aug 2 15:33:03 x1.wynanet.ch login: [ID 427203 auth.debug] pam_authenticate: error Authentication failed Aug 2 15:33:03 x1.wynanet.ch login: [ID 859314 auth.debug] pam_set_item(6) Aug 2 15:33:03 x1.wynanet.ch login: [ID 553197 auth.debug] nss_ldap: __session.ls_conn=31e80, __pid=10467, pid=10467, __euid=0, euid=0 Aug 2 15:33:03 x1.wynanet.ch last message repeated 1 time Aug 2 15:33:07 x1.wynanet.ch login: [ID 859314 auth.debug] pam_set_item(2) Aug 2 15:33:07 x1.wynanet.ch login: [ID 859314 auth.debug] pam_set_item(8) Aug 2 15:33:07 x1.wynanet.ch login: [ID 859314 auth.debug] pam_set_item(9) Aug 2 15:33:07 x1.wynanet.ch login: [ID 207130 auth.debug] pam_authenticate() Aug 2 15:33:07 x1.wynanet.ch login: [ID 305314 auth.debug] load_modules: /usr/lib/security/pam_openldap.so.1 Any ideas ? Perhaps
it is the password encryption mechanism which I have not really
understood...
With openldap-1.2.11 you have the possibility to
use the -H option to choose wether you want crypt,sha,md5 etc. I am missing this
feature in openldap-2.0.x !? (default is SHA I think...)
I am using the pam_passwd exop thing. I tried
clear, crypt but none of these options have changed my
life.
regards,
Jan
|