I am experiencing this problem of authentication through
LDAP, when LDAP is on a machine on the network and also
when slapd is running locally on RH 9.0.
I have followed steps in various openldap-linux
authentication guides, and one of my machines actually
authenticates me to the domain. The problem is with
this particular machine.
I compiled and built openldap 2.1.25, configured
it.. (attaching the slapd.conf) also downloaded
pam_ldap and nss_ldap packages, and compiled them.
The problem occurs when I do authconfig and shift to
ldap for authentication. None of my users (me and
other test users;) ) is able to authenticate, except
when user is listed in /etc/passwd database. If the
user exists only in ldap directory, he is able to bind
to the directory. Then system times out and connection
is closed and system gives another login prompt.
If users are local (listed in /etc/passwd) then they
get authenticated very easily.
The slapd.conf follows.
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/misc.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
loglevel 904
pidfile /usr/local/var/slapd.pid
argsfile /usr/local/var/slapd.args
database bdb
suffix "dc=lt,dc=com"
rootdn "cn=manager,dc=lt,dc=com"
rootpw secret
directory /usr/local/var/openldap-data
index objectClass eq
###################
My ldap.conf is as follows:
host 198.162.0.200
base dc=lt,dc=com
ldap_version 3
binddn cn=proxyuser,dc=lt,dc=com
bindpw proxy
rootbinddn cn=manager,dc=lt,dc=com
pam_filter objectclass=posixaccount
pam_login_attribute uid
pam_member_attribute gid
pam_template_login_attribute uid
pam_password md5
nss_base_passwd ou=People,dc=lt,dc=com?one
nss_base_shadow ou=People,dc=lt,dc=com?one
nss_base_group ou=Group,dc=lt,dc=com?one
nss_base_hosts ou=Hosts,dc=lt,dc=com?one
nss_map_objectclass posixAccount User
The system logs show these messages
(/var/log/messages):
-------------------------------------------------------
Jan 3 16:23:32 LTPMS modprobe: modprobe: Can't locate module char-major-10-134
Jan 3 16:25:15 LTPMS modprobe: modprobe: Can't locate module char-major-10-134
(These messages appear every time I try to
authenticate on a tty or through telnet, and even for
local system users.)
If I try to ssh this machine with a user only existing
in directory I get a message saying
Illegal user julia from 192.168.0.200
_______________________________________________________
Please note that with the same configuration, my other
machine authenticates well. But this machine, when I
use it as a client, denies me any authentication.
Any clues??
PS: does anybody feel that this char-major-10-134 is
somehow connected to AAA???
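
An added example, not part of the original post: the sshd "Illegal user" message is consistent with a directory-only name not resolving through NSS, so this sketch lints the two client files that control that lookup and also flags a bind password sent without TLS. Assumptions: the nsswitch.conf content (that file is not shown in the post), the sample file contents (constructed, modelled on the ldap.conf above), and the finding labels NOLDAP, MAP, NOSERVER and CLEARTEXT, which are names chosen here.

```shell
#!/bin/sh
# Added example (not from the original post). File contents below are
# constructed samples modelled on the ldap.conf quoted in the message.

# lint_nsswitch FILE: print "NOLDAP <db>" for each account database whose
# source list in nsswitch.conf does not include ldap.
lint_nsswitch() {
    for db in passwd shadow group; do
        grep -Eq "^[[:space:]]*$db:(.*[[:space:]])?ldap([[:space:]]|\$)" "$1" ||
            echo "NOLDAP $db"
    done
}

# lint_ldap_conf FILE: print findings for an nss_ldap/pam_ldap ldap.conf.
lint_ldap_conf() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        { key = tolower($1) }
        key == "host" || key == "uri" { server = 1 }
        key == "uri" && tolower($2) ~ /^ldaps:/ { tls = "on" }
        key == "ssl"    { tls = tolower($2) }
        key == "bindpw" { bindpw = 1 }
        key == "nss_map_objectclass" {           # remaps the class used in NSS filters
            print "MAP " $2 " entries are searched as objectClass=" $3
        }
        END {
            if (!server) print "NOSERVER no host or uri directive"
            if (bindpw && tls != "start_tls" && tls != "on")
                print "CLEARTEXT bindpw set but ssl is not start_tls/on"
        }' "$1"
}

# Constructed sample files (addresses and DNs are placeholders).
demo=$(mktemp -d)
printf '%s\n' 'passwd: files ldap' 'shadow: files' 'group: files ldap' \
    > "$demo/nsswitch.conf"
printf '%s\n' 'host 192.0.2.10' 'base dc=example,dc=com' \
    'binddn cn=proxyuser,dc=example,dc=com' 'bindpw proxy' \
    'nss_map_objectclass posixAccount User' > "$demo/ldap.conf"

lint_nsswitch "$demo/nsswitch.conf"
lint_ldap_conf "$demo/ldap.conf"
rm -rf "$demo"
```

On a live client, `getent passwd <user>` for a directory-only account exercises the same NSS path that sshd and login use.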