with pleasure, even though there is nothing relevant to ldap

Mar  6 17:50:20 medulis sshd[4928]: Server listening on :: port 22.
Mar  6 17:50:21 medulis sshd[4928]: error: Bind to port 22 on
failed: Address already in use.
Mar  6 17:55:59 medulis sudo:     root : TTY=unknown ; PWD=/ ;
USER=mirjam ; COMMAND=/usr/bin/gconftool
--get /system/http_proxy/use_http_proxy
Mar  6 17:55:59 medulis sudo: pam_unix(sudo:session): session opened for
user mirjam by (uid=0)
Mar  6 17:55:59 medulis sudo: pam_unix(sudo:session): session closed for
user mirjam
Mar  6 17:56:00 medulis sudo:     root : TTY=unknown ; PWD=/ ;
USER=mirjam ; COMMAND=/usr/bin/gconftool --get /system/http_proxy/host
Mar  6 17:56:00 medulis sudo: pam_unix(sudo:session): session opened for
user mirjam by (uid=0)
Mar  6 17:56:00 medulis sudo: pam_unix(sudo:session): session closed for
user mirjam
Mar  6 17:56:00 medulis sudo:     root : TTY=unknown ; PWD=/ ;
USER=mirjam ; COMMAND=/usr/bin/gconftool --get /system/http_proxy/port
Mar  6 17:56:00 medulis sudo: pam_unix(sudo:session): session opened for
user mirjam by (uid=0)
Mar  6 17:56:00 medulis sudo: pam_unix(sudo:session): session closed for
user mirjam
Mar  6 18:17:01 medulis CRON[12599]: pam_unix(cron:session): session
opened for user root by (uid=0)
Mar  6 18:17:01 medulis CRON[12599]: pam_unix(cron:session): session
closed for user root
Mar  6 18:17:17 medulis gdm[5712]: pam_unix(gdm:session): session opened
for user mirjam by (uid=0)
Mar  6 19:09:15 medulis sshd[18307]: Accepted password for fidel from port 52652 ssh2
Mar  6 19:09:15 medulis sshd[18313]: pam_unix(sshd:session): session
opened for user fidel by (uid=0)
Mar  6 19:09:20 medulis sudo:    fidel : TTY=pts/0 ; PWD=/home/fidel ;
USER=root ; COMMAND=/bin/su -
Mar  6 19:09:20 medulis sudo: pam_unix(sudo:session): session opened for
user root by fidel(uid=0)
Mar  6 19:09:20 medulis sudo: pam_unix(sudo:session): session closed for
user root
Mar  6 19:09:20 medulis su[18385]: Successful su for root by root
Mar  6 19:09:20 medulis su[18385]: + pts/0 root:root
Mar  6 19:09:20 medulis su[18385]: pam_unix(su:session): session opened
for user root by fidel(uid=0)

Quite interesting though the fact, that only xscreensaver is connected
to the ldap server:
 # netstat -patu
Aktive Internetverbindungen (Server und stehende Verbindungen)
Proto Recv-Q Send-Q Local Address           Foreign Address
State       PID/Program name
tcp        0      0 *:37379                 *:*
LISTEN      5374/rpc.statd  
tcp        0      0 *:33093                 *:*
LISTEN      -               
tcp        0      0 medulis.nigel:mysql     *:*
LISTEN      5055/mysqld     
tcp        0      0 *:sunrpc                *:*
LISTEN      4306/portmap    
tcp        0      0 *:ipp                   *:*
LISTEN      5177/cupsd      
tcp        0      0 medulis.nigel:35861     mimas-nxge0.switch.:www
TIME_WAIT   -               
tcp        0      0 medulis.nigel:48330
VERBUNDEN   13265/xscreensaver
tcp        0      0 medulis.nigel:41590     84-75-125-185.dcl:imap2
VERBUNDEN   13453/evolution 
tcp        0      0 medulis.nigel:56430     ns2.whoswe.ch:imap2
VERBUNDEN   13453/evolution 
tcp        0      0 medulis.nigel:999
VERBUNDEN   -               
tcp6       0      0 [::]:ssh                [::]:*
LISTEN      4928/sshd       
tcp6       0      0 [::]:ipp                [::]:*
LISTEN      5177/cupsd      
tcp6       0      0 medulis.nigel:ssh       fidelski.nigel:52652
VERBUNDEN   18307/sshd: fidel [
udp        0      0 *:51257                 *:*
udp        0      0 *:bootpc                *:*
udp        0      0 *:46535                 *:*
udp        0      0 *:mdns                  *:*
udp        0      0 *:sunrpc                *:*
udp        0      0 *:886                   *:*
udp        0      0 *:ipp                   *:*

Really no clue, still I cannot exclude that I am missing some
configuration!!! Since on Gentoo authentication configuration is quite
transparent and in Fedora it is quite "automagic" with authconfig it is
of course possible that I did not do everything right. I already stated
the configuration of the system authentication, missed the
entire /etc/nsswitch.conf though:
passwd: ldap files # compat
group:  ldap files # compat
shadow: ldap files # compat

hosts:       files mdns4_minimal [NOTFOUND=return] dns mdns4
networks:    files dns

services:    db files
protocols:   db files
rpc:         db files
ethers:      db files

netgroup     nis

And of course the ldap configuration:

base dc=hektor,dc=nigel

uri ldap://hektor.nigel/

ldap_version 3
rootbindn cn=admin,dc=hektor,dc=nigel
port 389
bind_policy soft
pam_password crypt
ssl start_tls
tls_checkpeer no
tls_cacertfile /etc/ldap/ssl/hektor.pem
nss_base_passwd ou=People,dc=hektor,dc=nigel
nss_base_shadow ou=People,dc=hektor,dc=nigel
nss_base_group  ou=Group,dc=hektor,dc=nigel
nss_base_hosts  ou=Hosts,dc=hektor,dc=nigel


BASE dc=hektor,dc=nigel
URI ldap://hektor.nigel
TLS_CACERT /etc/ldap/ssl/hektor.pem


Am Freitag, den 06.03.2009, 16:33 +0000 schrieb Adam Sommer:
> Can you post the relevant lines of /var/log/auth.log when trying to
> login as a LDAP user?

[Hardy][LDAP]client authentication broken
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

ubuntu-bugs mailing list

universe-bugs mailing list

Reply via email to