RSS feed

Re: pam_login_attribute missing from nss-pam-ldapd

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: pam_login_attribute missing from nss-pam-ldapd

On Oct 16, 2015, at 12:32 PM, Arthur de Jong <arthur [at]> wrote:

On Thu, 2015-10-15 at 16:26 -0400, Jackie Meese wrote:
Attempts to figure this out from documentation have led me to try
without any luck in /etc/nslcd.conf:
map    passwd uid uupid

This should be the replacement for pam_login_attribute because the NSS
and PAM configuration are combined in nss-pam-ldapd.

In short, is there a replacement for pam_login_attribute in version
0.8.13 (specifically the version included in CentOS 7, but this
doesn't feel like a bug, so I'm asking here)?

What are you seeing when performing an authentication attempt? Running
nslcd in debug mode often helps finding configuration issues. Also,

Starting at the debug output for a while, knowing that the map line above was correct led me to see that the query made was:

<authc="jackie"> DEBUG: myldap_search(base="ou=People,dc=vt,dc=edu", filter="(&(objectClass=posixAccount)(uuid=jackie))")

So I added a filter line to the conf file:
filter passwd (uuid=*)

So it's working now. Thanks for the help and for confirming my "map" line. Knowing that should be right helped me debug it.

Jackie Meese, Assistant Director, Computer Systems Administration
Technology-enhanced Learning and Online Strategies - Innovation Catalyst Group
Institute for Creativity, Arts, and Technology
I am, and always will be, an idiot.

To unsubscribe send an email to or see