Linux-Noob Forums
trouble with ldap - Printable Version

+- Linux-Noob Forums (https://www.linux-noob.com/forums)
+-- Forum: Linux Server Administration (https://www.linux-noob.com/forums/forum-8.html)
+--- Forum: Remote Access (https://www.linux-noob.com/forums/forum-88.html)
+--- Thread: trouble with ldap (/thread-2524.html)

trouble with ldap - tek-69 - 2005-07-31


i was trying to set up ldap by following this how-to : [/url][url=http://www.zcentric.com/wiki/tiki-index.php?page=Ldap]http://www.zcentric.com/wiki/tiki-index.php?page=Ldap

 

everything went exactly as it was supposed to, but at the end when it said i should be able to ssh in with the test user, it simply refused the password. i was typing this to get in :

ssh -l mytestuser undergroundinfection.net

it accepted the user name but not the password. I'm not sure what i did wrong. if anyone has any ideas I'd appreciate any help i can get. I've reread it numerous times and still can't see where im makin a mistake.

 

tek



trouble with ldap - hijinks - 2005-07-31

cat /etc/pam.d/system-auth


trouble with ldap - tek-69 - 2005-07-31


Code:
[root@undergroundinfection ~]cat /etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/$ISA/pam_ldap.so use_first_pass
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so broken_shadow
account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account     [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_ldap.so
account     required      /lib/security/$ISA/pam_permit.so

password    requisite     /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    sufficient    /lib/security/$ISA/pam_ldap.so use_authtok
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so
session     optional      /lib/security/$ISA/pam_ldap.so
[root@undergroundinfection ~]






trouble with ldap - tek-69 - 2005-07-31


figured it out, in case anyone else ever has this problem , this is how i fixed it. in

 

vi /etc/ssh/sshd_config

 

scroll down till you see

# Set this to 'yes' to enable PAM keyboard-interactive authentication

# Warning: enabling this may bypass the setting of 'PasswordAuthentication'

#PAMAuthenticationViaKbdInt yes

 

then right under the #PAMAuthenticationViaKbdInt yes , add

UsePAM yes

 

then service sshd restart.