Re: Problems with LDAP Authentication

To: Petter Reinholdtsen <pere@hungry.com>
Cc: Debian User List <debian-user@lists.debian.org>
Subject: Re: Problems with LDAP Authentication
From: Ger Hooton <g.hooton@ucc.ie>
Date: Thu, 13 Jun 2013 12:41:41 +0100
Message-id: <[🔎] 1371123701.2407.26.camel@pc014>
Reply-to: g.hooton@ucc.ie
In-reply-to: <2fl4nd2nuz6.fsf@diskless.uio.no>
References: <9566463.6423.1370949626488.JavaMail.nabble@tom.nabble.com> <2fl4nd2nuz6.fsf@diskless.uio.no>

Thanks Petter for your response.
It looks like the authentication process looks for the user
in /etc/passwd first and if the user is not there it gives up, ie. dose
not go to the LDAP server.
However, if LDAP is first then everything works fine.
Also I note that if I do su - username  as root [authentication not
required] I get:
su: Authentication failure
(Ignored)

//Ger

On Thu, 2013-06-13 at 12:52 +0200, Petter Reinholdtsen wrote:
> [Ger Hooton]
> > Any ideas?
> 
> Not really.
> 
> But you seem to confuse authentication with user information.
> nsswitch.conf control which users are visible (and other related
> information), while the content of /etc/pam.d/ control password
> checking.
> 
> Did you consider using sssd instead?  If you are lucky,
> /usr/lib/sssd/generate-config would generate the sssd config you need
> automatically, and the default setup for NSS and PAM should work out of
> the box.
> 

-- 
Gerard Hooton.
Senior Technical Officer
Department of Electrical & Electronic Engineering
University College Cork.
College Road.
Cork.
Ireland.

Tel: +353 21 4902296
Mobile: 085 281 3491

Reply to:

Prev by Date: Problem with authentication
Next by Date: Re: Need help undeleting a Big gz compressed tar ball
Previous by thread: Problem with authentication
Next by thread: Dependency issue to install skype
Index(es):
- Date
- Thread