Last issue:
existing local user with ldap login: (simple bind)
nslcd: [ed7263] <authz="patrikx3"> DEBUG:
ldap_start_tls_s()
nslcd: [ed7263] <authz="patrikx3"> DEBUG: ldap_simple_bind_s(NULL,NULL)
(uri="ldap://patrikx3.tk????!StartTLS")
nslcd: [ed7263] <authz="patrikx3"> DEBUG: ldap_result():
uid=patrikx3,ou=users,dc=patrikx3,dc=tk
nslcd: [ed7263] <authz="patrikx3"> DEBUG:
myldap_search(base="dc=patrikx3,dc=tk",
filter="(&(objectClass=shadowAccount)(uid=patrikx3))")
nslcd: [ed7263] <authz="patrikx3"> DEBUG: ldap_result():
uid=patrikx3,ou=users,dc=patrikx3,dc=tk
nslcd: [dcc233] DEBUG: connection from pid=1788 uid=0 gid=0
nslcd: [dcc233] <sess_o="patrikx3"> DEBUG:
nslcd_pam_sess_o("patrikx3","systemd-user","","",""):
TFAtM7eBH6QPS24pfpCC5mTc
nslcd: [e49eb4] DEBUG: connection from pid=1784 uid=0 gid=0
nslcd: [e49eb4] <sess_c="patrikx3"> DEBUG:
nslcd_pam_sess_c("patrikx3","sshd",9y0KePKXopZpxYkQlRjhzsaa)
nslcd: [f32454] DEBUG: connection from pid=1789 uid=1000 gid=1000
nslcd: [f32454] <sess_c="patrikx3"> DEBUG:
nslcd_pam_sess_c("patrikx3","systemd-user",TFAtM7eBH6QPS24pfpCC5mTc)
nslcd: [a88611] DEBUG: connection from pid=1878 uid=0 gid=0
existing without local user with ldap login: (why is it sasl
bind now?)
nslcd: [a88611] <authc="patrikx3"> DEBUG:
ldap_start_tls_s()
nslcd: [a88611] <authc="patrikx3"> DEBUG:
ldap_sasl_bind("uid=patrikx3,ou=users,dc=patrikx3,dc=tk","***")
(uri="ldap://patrikx3.tk????!StartTLS") (ppolicy=yes)
nslcd: [a88611] <authc="patrikx3"> DEBUG:
ldap_parse_result() result: Invalid credentials
nslcd: [a88611] <authc="patrikx3"> DEBUG: failed to bind to
LDAP server ldap://patrikx3.tk????!StartTLS: Invalid credentials
nslcd: [a88611] <authc="patrikx3"> DEBUG: ldap_unbind()
nslcd: [a88611] <authc="patrikx3">
uid=patrikx3,ou=users,dc=patrikx3,dc=tk: Invalid credentials
nslcd: [a88611] <authc="patrikx3"> DEBUG:
myldap_search(base="dc=patrikx3,dc=tk",
filter="(&(objectClass=shadowAccount)(uid=patrikx3))")
nslcd: [a88611] <authc="patrikx3"> DEBUG: ldap_result():
uid=patrikx3,ou=users,dc=patrikx3,dc=tk
On 02/05/2017 08:27 PM, Patrik Laszlo
wrote:
Also, if there is a local user with the same user, it works, if
I delete the local user, it does not work.
Weird!
Please help what to do! I added auto create home user as well!
On 02/05/2017 07:52 PM, Patrik Laszlo
wrote:
Hello!
Could you help me a simple problem? (Debian Testing repo)
I can login via LDAP, but I get the log like this via
nslcd:
nslcd: [7b23c6] <authc="patrikx3"> DEBUG:
ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
nslcd: [7b23c6] <authc="patrikx3"> DEBUG:
ldap_start_tls_s()
nslcd: [7b23c6] <authc="patrikx3"> DEBUG: ldap_sasl_bind("uid=patrikx3,ou=users,dc=patrikx3,dc=tk","***")
(uri="ldapi:///") (ppolicy=yes)
nslcd: [7b23c6] <authc="patrikx3"> DEBUG: ldap_parse_result()
result: Invalid credentials
nslcd: [7b23c6] <authc="patrikx3"> DEBUG: failed to bind
to LDAP server ldapi:///: Invalid credentials
nslcd: [7b23c6] <authc="patrikx3"> DEBUG: ldap_unbind()
nslcd: [7b23c6] <authc="patrikx3">
uid=patrikx3,ou=users,dc=patrikx3,dc=tk: Invalid credentials
nslcd: [7b23c6] <authc="patrikx3"> DEBUG:
myldap_search(base="ou=users,dc=patrikx3,dc=tk",
filter="(&(objectClass=shadowAccount)(uid=patrikx3))")
nslcd: [7b23c6] <authc="patrikx3"> DEBUG: ldap_result():
uid=patrikx3,ou=users,dc=patrikx3,dc=tk
In LDAP START TLS it works via ldap search.Also I can see
it finds the user!
The settings /etc/nslcd.cong:
uid nslcd
gid nslcd
uri ldapi:///
#also
#uri ldap://patrikx3.tk????!StartTLS
base ou=users,dc=patrikx3,dc=tk
ssl start_tls
tls_reqcert never
tls_cacertfile /etc/ssl/certs/ca-certificates.crt
Could you help me?
Patrik
|