On Thu, Apr 12, 2001 at 06:21:59PM +0200, Stephane Bortzmeyer <[EMAIL PROTECTED]> wrote a message of 37 lines which said:
> Apr 12 19:30:41 progress login[1149]: pam_ldap: error trying to bind as user > "cn=Vladimir Toto,ou=People,dc=netaktiv,dc=com" (Invalid credentials) > > I understand that "Invalid credentials" means a wrong password but it > works with ldapsearch: Yes, because pam_ldap was able to authentify but pam_unix (which is still required) tried to bind to the LDAP server. The missing option was, in /etc/pam.d/XXX : vvvvvvvvvvvvvv auth required pam_unix.so try_first_pass to tell pam_unix to use the above password. I learned some things about the way LDAP works :-)