id: cannot find name for user ID 12345



Hi-

 I have recently implemented an OpenLDAP client and
server (both RH73) by following the 
instructions in the LinuxJournal article "OpenLDAP Everywhere".

Then I set up TLS by following the instructions in O'Reilly's 
Essential Sysadmin Volume 3.

I have verified that TLS is working by using ngrep on the 
LDAP server; when TLS is on, the password doesn't show up in 
the clear, awesome!

However, when authenticating as an LDAP user over TLS I get the
following: 

machine~>slogin 0
Last login: Mon Jan 27 11:23:13 2003 from 10.0.0.1
id: cannot find name for user ID 12345
machine~>scp
unknown user 12345

I found documentation about a similar situation between 
OpenLDAP and Active Directory here:

http://online.securityfocus.com/infocus/1563

However, I have tried turning off all of the "access" stuff
by commenting out the following in slapd.conf (on both
the client and the server) and that didn't seem to help:

access to attr=userPassword
        by self                                                 write
        by anonymous                                            auth
        by dn="cn=manager,dc=foo,dc=com"               write
        by *                                                    compare

access to *
        by self                                                 write
        by dn="cn=manager,dc=foo,dc=com"               write
        by *                                                    read

I also tried to insert an administrator DN and password in 
/etc/ldap.conf on both the client and server, which also didn't
seem to help.

I'm also getting stuff like this in my /var/log/messages:

Jan 27 16:55:36 machine sudo(pam_unix)[11379]: check pass; user unknown
Jan 27 16:55:36 machine sudo(pam_unix)[11379]: authentication failure; logname=user uid=0 euid=0 tty=pts/10 ruser= rhost=


Jan 27 16:56:51 machine sshd(pam_unix)[11381]: check pass; user unknown
Jan 27 16:56:51 machine sshd(pam_unix)[11381]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=localhost
Jan 27 16:56:51 machine sshd(pam_unix)[11381]: session opened for user user by (uid=0)

My question is how do I troubleshoot this? Is it a problem with PAM on the client?
That is my best guess at the moment since changing the perms on my directory didn't
seem to make a difference.

Thank You!

Alex 

-- 
Alex Clark           Scientific & Statistical Computing Core
Division of Intramural Research Programs NIMH/NIH
Building 10 Room 2D42 10 Center Drive Bethesda MD 20892-1148
Phone: 301-451-6233   Fax: 301-402-1370   Cell: 410-340-6010
Email: aclark@codon.nih.gov    Web: http://afni.nimh.nih.gov
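
A triage helper for the pam_unix lines quoted in the message above, added here as an example and not part of the original post: it groups events by service and PID and flags attempts where pam_unix reported the user as unknown yet a session was opened for the same process. The function name, event names and labels are assumptions of this example; the sample lines are copied from the message.

```python
import re
from collections import defaultdict

# Log lines copied from the message above.
SAMPLE = """\
Jan 27 16:55:36 machine sudo(pam_unix)[11379]: check pass; user unknown
Jan 27 16:55:36 machine sudo(pam_unix)[11379]: authentication failure; logname=user uid=0 euid=0 tty=pts/10 ruser= rhost=
Jan 27 16:56:51 machine sshd(pam_unix)[11381]: check pass; user unknown
Jan 27 16:56:51 machine sshd(pam_unix)[11381]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=localhost
Jan 27 16:56:51 machine sshd(pam_unix)[11381]: session opened for user user by (uid=0)
"""

# syslog prefix, then "service(pam_module)[pid]: message"
LINE = re.compile(
    r"^\w{3}\s+\d+ [\d:]{8} \S+ "
    r"(?P<svc>[\w.-]+)\((?P<mod>pam_\w+)\)\[(?P<pid>\d+)\]: (?P<msg>.*)$"
)

# Message prefixes seen in the sample, mapped to short event names.
EVENTS = {
    "check pass; user unknown": "user_unknown",
    "authentication failure": "auth_failure",
    "session opened for user": "session_opened",
}

def triage(text):
    """Group pam_unix events per (service, pid) and label each attempt."""
    seen = defaultdict(set)
    for line in text.splitlines():
        m = LINE.match(line)
        if not m or m["mod"] != "pam_unix":
            continue
        for prefix, name in EVENTS.items():
            if m["msg"].startswith(prefix):
                seen[(m["svc"], int(m["pid"]))].add(name)
    report = {}
    for key, kinds in seen.items():
        if "user_unknown" in kinds and "session_opened" in kinds:
            # pam_unix did not know the user, yet the login went through.
            report[key] = "unknown_to_pam_unix_but_session_opened"
        elif "user_unknown" in kinds:
            report[key] = "unknown_to_pam_unix_no_session"
        elif "auth_failure" in kinds:
            report[key] = "known_user_auth_failure"
        else:
            report[key] = "session_opened"
    return report

if __name__ == "__main__":
    for (svc, pid), label in triage(SAMPLE).items():
        print(f"{svc}[{pid}]: {label}")
```

An entry flagged as `unknown_to_pam_unix_but_session_opened` next to `id: cannot find name for user ID` is a cue to test the name-service lookup on the client (for example `getent passwd <user>`) separately from the PAM stack.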