Re: User Authentication with nslcd 0.8.13

[Priya Seshaadri <priya.sesh [at] gmail.com>]

I am not seeing any errors in particular from nslcd. Do I need to install certificates? 

On Mon, Aug 5, 2013 at 4:59 PM, Priya Seshaadri <priya.sesh [at] gmail.com> wrote:

Hi All,

I am trying user authentication with LDAP with nss-pam-ldapd on an arm-based client. The LDAP server is all set up. I tried querying the server from the client using ldapsearch and it returns the entries correctly. However logging in to the client doesn't work. Has anybody faced this problem before? i'm using nss-pam-ldapd version 0.8.13.

Here's what I got when I ran nslcd in debug mode:

--------------------------------------------------------------------------------------

$ arm-linux-nslcd -d

nslcd: DEBUG: add_uri(ldap://192.168.21.5)

nslcd: version 0.8.13 starting

nslcd: DEBUG: unlink() of /var/run/nslcd/socket failed (ignored): No such file or directory

nslcd: DEBUG: initgroups("admin",1002) done

nslcd: DEBUG: setgid(1002) done

nslcd: DEBUG: setuid(1002) done

nslcd: accepting connections

nslcd: [8b4567] DEBUG: connection from pid=1661 uid=0 gid=0

nslcd: [8b4567] <protocol="ip"> DEBUG: myldap_search(base="dc=priya,dc=com", filter="(&(objectClass=ipProtocol)(cn=ip))")

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_initialize(ldap://192.168.21.5)

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_set_rebind_proc()

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_simple_bind_s(NULL,NULL) (uri="ldap://192.168.21.5")

nslcd: [8b4567] <protocol="ip"> DEBUG: ldap_result(): end of results (0 total)

nslcd: [7b23c6] DEBUG: connection from pid=1661 uid=0 gid=0

nslcd: [7b23c6] <protocol="ip"> DEBUG: myldap_search(base="dc=priya,dc=com", filter="(&(objectClass=ipProtocol)(cn=ip))")

nslcd: [7b23c6] <protocol="ip"> DEBUG: ldap_result(): end of results (0 total)

nslcd: [3c9869] DEBUG: connection from pid=1661 uid=0 gid=0

nslcd: [3c9869] <host=192.168.11.3> DEBUG: myldap_search(base="dc=priya,dc=com", filter="(&(objectClass=ipHost)(ipHostNumber=192.168.11.3))")

nslcd: [3c9869] <host=192.168.11.3> DEBUG: ldap_result(): end of results (0 total)

nslcd: [334873] DEBUG: connection from pid=1661 uid=0 gid=0

nslcd: [334873] <passwd="priyas"> DEBUG: myldap_search(base="dc=priya,dc=com", filter="(&(objectClass=posixAccount)(uid=priyas))")

nslcd: [334873] <passwd="priyas"> DEBUG: ldap_result(): uid=priyas,ou=people,dc=priya,dc=com

nslcd: [334873] <passwd="priyas"> (re)loading /etc/nsswitch.conf

nslcd: [334873] <passwd="priyas"> DEBUG: ldap_result(): end of results (1 total)

nslcd: [b0dc51] DEBUG: connection from pid=1661 uid=0 gid=0

nslcd: [b0dc51] <shadow="priyas"> DEBUG: myldap_search(base="dc=priya,dc=com", filter="(&(objectClass=shadowAccount)(uid=priyas))")

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_initialize(ldap://192.168.21.5)

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_set_rebind_proc()

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_simple_bind_s(NULL,NULL) (uri="ldap://192.168.21.5")

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_result(): uid=priyas,ou=people,dc=priya,dc=com

nslcd: [b0dc51] <shadow="priyas"> DEBUG: ldap_result(): end of results (1 total)

nslcd: [495cff] DEBUG: connection from pid=1661 uid=0 gid=0

nslcd: [495cff] <shadow="priyas"> DEBUG: myldap_search(base="dc=priya,dc=com", filter="(&(objectClass=shadowAccount)(uid=priyas))")

nslcd: [495cff] <shadow="priyas"> DEBUG: ldap_result(): uid=priyas,ou=people,dc=priya,dc=com

nslcd: [495cff] <shadow="priyas"> DEBUG: ldap_result(): end of results (1 total)

nslcd: [e8944a] DEBUG: connection from pid=1661 uid=0 gid=0

nslcd: [e8944a] <shadow="priyas"> DEBUG: myldap_search(base="dc=priya,dc=com", filter="(&(objectClass=shadowAccount)(uid=priyas))")

nslcd: [e8944a] <shadow="priyas"> DEBUG: ldap_result(): uid=priyas,ou=people,dc=priya,dc=com

nslcd: [e8944a] <shadow="priyas"> DEBUG: ldap_result(): end of results (1 total)

nslcd: [5558ec] DEBUG: connection from pid=1661 uid=0 gid=0

nslcd: [5558ec] <shadow="priyas"> DEBUG: myldap_search(base="dc=priya,dc=com", filter="(&(objectClass=shadowAccount)(uid=priyas))")

nslcd: [5558ec] <shadow="priyas"> DEBUG: ldap_result(): uid=priyas,ou=people,dc=priya,dc=com

nslcd: [5558ec] <shadow="priyas"> DEBUG: ldap_result(): end of results (1 total)

nslcd: [8e1f29] DEBUG: connection from pid=1661 uid=0 gid=0

nslcd: [8e1f29] <shadow="priyas"> DEBUG: myldap_search(base="dc=priya,dc=com", filter="(&(objectClass=shadowAccount)(uid=priyas))")

nslcd: [8e1f29] <shadow="priyas"> DEBUG: ldap_result(): uid=priyas,ou=people,dc=priya,dc=com

nslcd: [8e1f29] <shadow="priyas"> DEBUG: ldap_result(): end of results (1 total)

nslcd: [e87ccd] DEBUG: connection from pid=1661 uid=0 gid=0

nslcd: [e87ccd] <shadow="priyas"> DEBUG: myldap_search(base="dc=priya,dc=com", filter="(&(objectClass=shadowAccount)(uid=priyas))")

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_initialize(ldap://192.168.21.5)

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_set_rebind_proc()

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_simple_bind_s(NULL,NULL) (uri="ldap://192.168.21.5")

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_result(): uid=priyas,ou=people,dc=priya,dc=com

nslcd: [e87ccd] <shadow="priyas"> DEBUG: ldap_result(): end of results (1 total)

nslcd: caught signal SIGINT (2), shutting down

nslcd: DEBUG: ldap_unbind()

nslcd: DEBUG: ldap_unbind()

nslcd: DEBUG: ldap_unbind()

nslcd: version 0.8.13 bailing out

--------------------------------------------------------------------------------------

That SIGINT is just me doing a Ctrl-C on keyboard. Any help is appreciated.

Thanks,

Priya

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/