Ok. The problem turned out to be permissions. Somehow during my initial
messing around with setting up openldap I had created two of the three
database files and assigned them to root:root. When starting up openldap I
use -u ldap to switch to the user ldap.
Obviously when I run ldapadd I'm un
On Thu, 2003-02-06 at 13:29, sentinel wrote:
> >> Problem is I'm requiring it for security reasons. Tough call. 777 to /home
> >> or no priv seperation. I think I'll check out the PAM modules code and see
> >> if there is a work around.
>
> >I don't know. Are the home directories that are crea
>> It wasn't working until I enabled
>> PAMAuthenticationViaKbdInt.
> I thought it started working when you added the users' home dir (or
> pam_mkhomedir). Are you sure about that fix?
I could have sworn that was when it started working (/me looks back through
notes). The pam_mkhomedir wasn't
On Thu, 2003-02-06 at 08:59, sentinel wrote:
>
> > You're probably not. PAM is always used to authenticate passwords,
> > IIRC.
>
> Even through SSH?
I was referring specifically to SSH. I don't believe that sshd, when
compiled with PAM support, will ever authenticate passwords without
PAM. I
>> Ok. I have it working now. The problem was my sshd_config wasn't setup to
>> authenticate using PAM modules. Seems it's turned off by default (I'f I'm
>> reading this correctly).
> You're probably not. PAM is always used to authenticate passwords,
> IIRC.
Even through SSH? It wasn't wo
On Tue, 2003-02-04 at 09:45, sentinel wrote:
>
> Ok. I have it working now. The problem was my sshd_config wasn't setup to
> authenticate using PAM modules. Seems it's turned off by default (I'f I'm
> reading this correctly).
You're probably not. PAM is always used to authenticate passwords,
> OK, so if you 'ls -l /home', are the uids resolved to names via LDAP?
> If you don't have anything in /home, just log in as root, touch a file
> in /tmp, and chown it to a user that exists in LDAP, but not
> /etc/passwd. If it works, then you're binding properly to the
> directory.
Ok. I hav
On Mon, 2003-02-03 at 09:28, sentinel wrote:
> Ok. I think I know where the problem is. I've spent countless hours
> reading through LDPA documentation from the PADL, RedHat and OpenLDAP sites.
> I'm running RedHat 7.3 with Netscapes LDAP server (version 6.11). I'm
> trying to ssh into a server
On Mon, 2003-01-27 at 10:42, sentinel wrote:
> I must be missing something. I'm setting up a Netscape LDAP server running
> on RedHat 7.3 and accessing it from a RedHat 8.0 workstation. I've setup
> Netscape LDAP servers many times in the past however I never had to worry
> about a client until
sentinel said:
>
> Hmmm... Just noticed that tidbit in the documentation. I'm wondering if
> that's my problem. I seem to be getting hits (looking at the netscape
> ldap logs) however no info is passed for authentication. I noticed a
> section where I can select my password format (don't see MD5
Hmmm... Just noticed that tidbit in the documentation. I'm wondering if
that's my problem. I seem to be getting hits (looking at the netscape ldap
logs) however no info is passed for authentication. I noticed a section
where I can select my password format (don't see MD5). SSHA and a few
other
sentinel said:
> Actually I had setup my ldap.conf however it was missing the
> nss_base_passwd ,the nss_base_group and uri. I'm seeing a new message pop
> up now.
>
> **
> ssh -l user_name ip_address
>
> user_name@ip_address password:
> Permission denied, please try again.
> **
>
> I'm wo
Actually I had setup my ldap.conf however it was missing the nss_base_passwd
,the nss_base_group and uri. I'm seeing a new message pop up now.
**
ssh -l user_name ip_address
user_name@ip_address password:
Permission denied, please try again.
**
I'm wondering if I'm hitting the ldap serv
sentinel said:
>
> I'm trying to ssh to the server from my client and authenticate via LDAP.
> On the server I have 'files ldap' entries setup for nsswitch.conf and
> checked /etc/pam.d/sshd to make sure ldap entries are in place. When I
> connect I receive a message to "Enter LDAP Password".
st
14 matches
Mail list logo