Re: needed, PAM && LDAP help

To: vandeveb@letu.edu
Cc: debian-user@lists.debian.org
Subject: Re: needed, PAM && LDAP help
From: Sergey V Kovalyov <sqk0316@SCIRES.ACF.NYU.EDU>
Date: Fri, 11 Jun 1999 12:33:10 -0400
Message-id: <[🔎] Pine.SGI.4.10.9906111223470.234770-100000@neumann.acf.nyu.edu>
In-reply-to: <[🔎] 19990501185128.A344@caesar.flooders.local>

> I was following the thread on using LDAP to handle authentication of clients,
> and I am having a lot of trouble getting things to work.
> 
> First I created a new testing account
> 
> # adduser testing
> 
> Second, I downloaded the conversion tools, turned off shadowpasswords, and 
                     That was not necessary  ^^^^^^^^^^^^^^^^^^^^^^^^^^

> updated my LDAP database.
> 
> Using ldapsearch, I verified that all the accounts had been transfered over. I 
> then downloaded the pam_ldap modules, and changed /etc/pam.d/other to: 
> 
> auth     sufficient     pam_ldap.so
> auth     required       pam_unix_auth.so     try_first_pass
> account  required       pam_unix_acct.so
> password required       pam_unix_passwd.so   shadow
> session  required       pam_unix_session.so
> 
> Note: there is not an /etc/pam.d/login file.

That means you havn't installed the login that actually uses pam. The
packade is pam-apps

> Then I deleted the test account from /etc/password, /etc/shadow etc.
> But I was not able to login with the test account.

Well, besides authenticating a user, you also need other information, like
uid, home dir, shell. pam_ldap does not provide this. You also need
libnss-ldap to get this info.

After you install libnss-ldap and pam-apps and try again, you should look
into your /var/log/syslog file where slapd will report all requests. This
will help determine the problems.

Sergey.

Reply to:

References:
- needed, PAM && LDAP help
  - From: <vandeveb@letu.edu>

Prev by Date: Is this List down?
Next by Date: Re: Is this List down?
Previous by thread: Re: needed, PAM && LDAP help
Next by thread: menu bar in eterm
Index(es):
- Date
- Thread