[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: pam_unix errors

To: Alexei Monastyrnyi <alexeim@orcsoftware.com>
Subject: Re: pam_unix errors
From: "Oliver Schulze L." <oliver@samera.com.py>
Date: Wed, 02 Jul 2003 14:00:51 -0400
Cc: openldap-software@OpenLDAP.org
In-reply-to: <062301c34078$0a36c2c0$fe011bac@SPIDER>
References: <3F0056E8.10708@samera.com.py> <02dc01c33f9e$7d1c5fa0$fe011bac@SPIDER> <3F01FB93.2040405@samera.com.py> <062301c34078$0a36c2c0$fe011bac@SPIDER>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624

Hi Alexei, I discover the error, I have pam_ldap.so before pam_unix.so and also, I have pam_ldap.so like this: pam_ldap.so use_first_pass

I have to use pam_ldap.so without arguments in order to do not get any error messages.

Many Thanks
Oliver

Alexei Monastyrnyi wrote:

sorry I wasn't very clear in my last posting
I usually don't have any special lines for pop in my pam.conf (Solaris box
with LDAP test environment).
But I tried this and it worked
imapd   auth sufficient         pam_ldap.so
imapd   auth required           pam_unix_auth.so.1
ipop3d  auth sufficient         pam_ldap.so
ipop3d  auth required           pam_unix_auth.so.1

using ether "pop" or "ipop3d" in pam.conf depends on what POP daemon returns
to PAM when trying to authenticate user.

----- Original Message -----
From: "Oliver Schulze L." <oliver@samera.com.py>
To: "Alexei Monastyrnyi" <alexeim@orcsoftware.com>
Cc: <openldap-software@OpenLDAP.org>
Sent: Tuesday, July 01, 2003 11:22 PM
Subject: Re: pam_unix errors

Hi,
I have this:
[root@server /etc/pam.d]# cat other
#%PAM-1.0
auth     required       /lib/security/$ISA/pam_deny.so
account  required       /lib/security/$ISA/pam_deny.so
password required       /lib/security/$ISA/pam_deny.so
session  required       /lib/security/$ISA/pam_deny.so

I do have the file: /etc/pam.d/pop
Don't know what is happening.

Do you know if there is a list for nss_ldap?

Many thanks
Oliver


Alexei Monastyrnyi wrote:

Hi.
What do you have in your pam.conf (or pam.d)?

Try this sequence.
other   auth sufficient         pam_ldap.so
other   auth required           pam_unix.so use_first_pass

----- Original Message -----
From: "Oliver Schulze L." <oliver@samera.com.py>
To: <openldap-software@OpenLDAP.org>
Sent: Monday, June 30, 2003 5:27 PM
Subject: pam_unix errors

Hi, I'm using LDAP 2.0.27 on RedHat 9. I'm also using the nss_ldap-202

module.

The problem I'm getting is that every time a user try to autenticate for
using pop3
or a shell, I get this error:
Jun 30 09:45:18 myserver pop(pam_unix)[10045]: check pass; user unknown
Jun 30 09:45:18 myserver pop(pam_unix)[10045]: authentication failure;
logname= uid=0 euid=0 tty= ruser= rhost=
Jun 30 09:45:19 myserver ipop3d[10045]: Login user=user1
host=pc24.example.com.py [192.168.210.24] nmsgs=0/0
Jun 30 09:45:19 myserver ipop3d[10045]: Logout user=user1
host=pc24.example.com.py [192.168.210.24] nmsgs=0 ndele=0

Is this a problem with LDAP or PAM? The strange thing is that the error
is printed from the
same PID. Looks like, first the autenticatio fatils and then succeed.

Many thanks
Oliver

--
Oliver Schulze L.
<oliver@samera.com.py>

--
Oliver Schulze L.
<oliver@samera.com.py>


--
Oliver Schulze L.
<oliver@samera.com.py>

References:
- Re: pam_unix errors
  - From: "Alexei Monastyrnyi" <alexeim@orcsoftware.com>
- Re: pam_unix errors
  - From: "Oliver Schulze L." <oliver@samera.com.py>
- Re: pam_unix errors
  - From: "Alexei Monastyrnyi" <alexeim@orcsoftware.com>

Prev by Date: Re: ldapsearch for backup
Next by Date: Trigger PERL script upon database modification
Index(es):
- Chronological
- Thread