Re: Centos ldap authentication via pam_ldap slow, how to debug?
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
Re: Centos ldap authentication via pam_ldap slow, how to debug?
- From: Arthur de Jong <arthur [at] arthurdejong.org>
- To: Rob Audenaerde <Rob.Audenaerde [at] Valuecare.nl>, "nss-pam-ldapd-users [at] lists.arthurdejong.org" <nss-pam-ldapd-users [at] lists.arthurdejong.org>
- Subject: Re: Centos ldap authentication via pam_ldap slow, how to debug?
- Date: Mon, 30 May 2016 21:20:04 +0200
On Mon, 2016-05-30 at 07:16 +0000, Rob Audenaerde wrote:
> Except there seems to be a delay of about 20-30 seconds before I can
> log in. I also set-...
>
> This is all the logging I could find:
>
> May 27 16:07:04 machine1 unix_chkpwd[7699]: password check failed for user
> (robau)
> May 27 16:07:04 machine1 sshd[7697]: pam_unix(sshd:auth): authentication
> failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.125.24 user=robau
> May 27 16:07:20 machine1 sshd[7697]: pam_ldap: ldap_result Timed out
> May 27 16:07:20 machine1 sshd[7697]: pam_ldap: ldap_result Timed out
> May 27 16:07:20 machine1 sshd[7697]: Accepted password for robau from
> 192.168.125.24 port 34788 ssh2
>
> I tried adding 'debug' in de pam.d files:
>
> password sufficient pam_ldap.so use_authtok debug
>
> That did not give me extra logging. Also, I added some debug level in
> the pam.conf, but that also did not give me more results.
It seems you are using the PADL version of pam_ldap and not nss-pam-
ldapd's PAM module. This means that you probably need to configure it
in /etc/ldap.conf or /etc/pam_ldap.conf (the exact configuration file
is system-dependant).
Hope this helps,
--
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/
