[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Redhat 7.2 ldap authentication takes two logins
Hi,
Has anybody on the list upgraded to Redhat 7.2 and had problems with
ldap and TLS. Apologies if this is related to TLS rather than openldap, I
don't know where the source of the problem lies.
I have ldap authentication using TLS working with RedHat 7.1 kernel
2.4.3-12 (openldap 2.0.11-8, openssh 2.5.2p2-5, nss_ldap 149-4, openssl
0.9.6-9) on a 800MHz 686.
When upgrade or new install a client to 7.2 kernel 2.4.7-10 (openldap
2.0.11-13, openssh 2.9p2-12, openssl 0.9.6b-8) it takes two logins before
it will authenticate to either 7.2 or 7.1 server, the logins do not need
to be the same user. However an existing 7.1 client will ldap authenticate
to the 7.2 server.
Two login problem apparent after upgrading openldap. Removing TLS
requirement fixes problem but password is now clear text.
Client snip from /var/log/messages
client1 login(pam_unix)[16514]: check pass; user unknown
client1 login(pam_unix)[16514]: authentication failure; logname= uid=0
euid=0 tty=tty1 ruser= rhost=
client1 login[16514]: pam_ldap: ldap_start_tls_s Connect error
client1 login[16514]: FAILED LOGIN 1 FROM (null) FOR sastaff,
Authentication failure
client1 login(pam_unix)[16514]: check pass; user unknown
client1 login(pam_unix)[16514]: session opened for user sastaff by (uid=0)
client1 -- sastaff[16514]: LOGIN ON tty1 BY sastaff
Regards
Barry Wright