I am trying to set up a Fedora Directory server for centralised authentication.
I configure the directory server, add a user called (via the Java
GUI)
test and then, using system-config-authentication, enable LDAP on
both
tabs. I then try to log-in using the test account I set up on the directory, but I get an error message in /var/log/messages:
May 30 16:28:27 ds1 sshd(pam_unix)[4445]: check pass; user unknown May 30 16:28:27 ds1 sshd(pam_unix)[4445]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=localhost.localdomain
which seems to indicate that it cannot find the user in the
directory.
The server is accepting connections on the standard LDAP port.
Am I missing anything?
Thanks
Gabriel
___________________________________________________________ What kind of emailer are you? Find out today - get a free analysis
of your email personality. Take the quiz at the Yahoo! Mail Championship.
http://uk.rd.yahoo.com/evt=44106/*http://mail.yahoo.net/uk _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Just on a lark, check the contents of /etc/ldap.conf, the file the nss_ldap/pam_ldap stuff uses to identify the server. I ran the system-config-authentication GUI on some CentOS 4.5 systems and they failed to change the contents of that file as appropriate.
All I had to do was change the "host" and "base" entries to point to my server and it worked just fine. I'm not sure if this is an isolated problem or a real, live bug, I'm going to test it further to see if I
can tell.
I have checked the configuration and it is correct. The directory log reports that the search does not find the uid for the user, which seems to indicate that the error is not within CentOS, as it is passing the right data via the ldap module.
I guess it is time to hit the fedora lists.
Thanks
Gabriel
___________________________________________________________ Yahoo! Answers - Got a question? Someone out there knows the answer. Try it now. http://uk.answers.yahoo.com/