trouble with pam-ldap
I'm trying to get a Debian sarge machine to authenticate against an
OpenLDAP server (running on the same box) with no success.
Here are all non-comment lines in the relevant PAM files:
/etc/pam.d/common-account:
account required pam_ldap.so
/etc/pam.d/common-auth:
auth required pam_ldap.so
/etc/pam.d/common-session:
session required pam_ldap.so
/etc/pam.d/common-password:
password required pam_ldap.so
My "/etc/pam_ldap.conf" file is unmodified from the Debian default,
except that I've changed my base dn and login dn:
base dc=cadre5,dc=com
rootbinddn cn=manager,dc=cadre5,dc=com
After seeing several log messages about the nonexistence of
"/etc/ldap.secret" in the logfile "/var/log/auth.log", I created it and
added a manager password.
The LDAP database was imported from OpenLDAP on another machine (which I
have authenticated against many times using RedHat and Fedora boxes). I
added the LDIF file using slapadd, and have been able to bind against
it using a simple graphical LDAP client, so I know the basic LDAP
service is working as expected.
I've even been able to use RedHat "authconfig" to make a RedHat box
authenticate against slapd running on this particular Debian box.
When I "tail -f /var/log/auth.log" and attempt to login, I see:
Oct 12 16:11:52 localhost sshd[15215]: Illegal user jeremy.brown from ::ffff:172.28.2.115
Oct 12 16:11:53 localhost sshd[15215]: Failed unknown for illegal user jeremy.brown from ::ffff:172.28.2.115 port 1814 ssh2
Can anyone help me? I have always relied on the RedHat "authconfig"
application for setting up LDAP authentication and know very little
about configuring pam or pam-ldap by hand.
Thanks in advance,
Jeremy Brown
jeremy@brownjava.org