
can't login with libpam-ldap



Hi,
I am trying to enable pam-ldap.
I can log in on a virtual console, but after login I see:
   -bash : [: : integer expression expected
   I have no name!@despatx:

I have not found any help on Google.

Can anyone help me?

Configuration settings:
perico@despatx:~$ uname -a
Linux despatx 2.6.12-1-amd64-k8-smp #1 SMP Wed Sep 28 02:57:49 CEST 2005 x86_64 GNU/Linux

perico@despatx:~$ cat /etc/pam.d/common*
#
# /etc/pam.d/common-account - authorization settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authorization modules that define
# the central access policy for use on the system.  The default is to
# only deny service to users whose accounts are expired in /etc/shadow.
#
account sufficient      pam_unix.so
account sufficient      pam_ldap.so
account required        pam_deny.so
#account sufficient     pam_ldap.so
#
# /etc/pam.d/common-auth - authentication settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
# traditional Unix authentication mechanisms.
#
#auth   required        pam_unix.so nullok_secure
#auth   sufficient      pam_ldap.so try_first_pass
auth    [success=1 default=ignore]      pam_unix.so
auth    required                        pam_ldap.so use_first_pass
auth    required                        pam_permit.so
#
# /etc/pam.d/common-password - password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define  the services to be
#used to change user passwords.  The default is pam_unix

# The "nullok" option allows users to change an empty password, else
# empty passwords are treated as locked accounts.
#
# (Add `md5' after the module name to enable MD5 passwords)
#
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
# login.defs. Also the "min" and "max" options enforce the length of the
# new password.

#password   required   pam_unix.so nullok obscure min=4 max=8 md5

# Alternate strength checking for password. Note that this
# requires the libpam-cracklib package to be installed.
# You will need to comment out the password line above and
# uncomment the next two in order to use this.
# (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH')
#
password required         pam_cracklib.so retry=3 minlen=6 difok=3
password sufficient       pam_ldap.so
password required         pam_unix.so use_authtok nullok md5
#password sufficient      pam_ldap.so use_authtok nullok
password
#
# /etc/pam.d/common-session - session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive).  The default is pam_unix.
#
#session        required        pam_mkhomedir.so skel=/etc/skel/ umask=0022

session sufficient      pam_ldap.so
session required        pam_unix.so

The file /etc/nsswitch.conf has:
   passwd:    files ldap
   group:     files ldap
   shadow:    files ldap

perico@despatx:~$ ldapsearch -LLL -x -b "cn=Rosa Radigales,ou=People,dc=nubiola,dc=org"
dn: cn=Rosa Radigales,ou=People,dc=nubiola,dc=org
uid: rosa
mail: rosa.radigales@nubiola.org
mailbox: Maildir/
sn: Radigales Plana
uidNumber: 1002
gidNumber: 1000
homeDirectory: /home/rosa
objectClass: inetOrgPerson
objectClass: CourierMailAccount
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
quota: 0
shadowWarning: 7
shadowMax: 99999
cn: Rosa Radigales
givenName: Rosa
loginShell: /bin/bash
gecos: rosa

--
Pere Nubiola Radigales
Telf: +34 656316974
e-mail: pere.nubiola@gmail.com


