Re: Need help in integration of pam and ldap using nss-pam-ldapd

I had tested by turning off NSCD.

ldapsearch is working, and sample output is below:


[root@AIO-ANDSF ~]# ldapsearch -H ldap:// -x -D "uid=pam_ldap,ou=system" -W -b "ou=system" -s one -a always -z 1000 "(objectClass=*)" "hasSubordinates" "objectClass"
Enter LDAP Password: 
# extended LDIF
# LDAPv3
# base <ou=system> with scope oneLevel
# filter: (objectClass=*)
# requesting: hasSubordinates objectClass 

# pam_ldap, system
dn: uid=pam_ldap,ou=system
objectClass: top
objectClass: inetOrgPerson
objectClass: person
objectClass: organizationalPerson

# configuration, system
dn: ou=configuration,ou=system
objectClass: top
objectClass: organizationalUnit

# consumers, system
dn: ou=consumers,ou=system
objectclass: top
objectclass: organizationalUnit

# sysPrefRoot, system
dn: prefNodeName=sysPrefRoot,ou=system
objectClass: top
objectClass: organizationalUnit
objectClass: extensibleObject

# search result
search: 2
result: 0 Success

# numResponses: 5
# numEntries: 4
[root@AIO-ANDSF ~]# 


Please find attached files.





From: William MacAllister
Date: Wednesday, May 24, 2017 at 11:43 AM
To: "Kedar Sirshikar (ksirshik)"
Subject: Re: Need help in integration of pam and ldap using nss-pam-ldapd


First, just simple ldapsearches are working, right?


Frequently nscd is also installed for you by your package management system when nss-pam-ldapd is installed.  While you are testing it is best to turn it off because a stale cache can cause an assortment of problems.  Turn off nscd if it is installed and try again.


If that doesn't work post your nslcd.conf and the ldif for a user, i.e. the output from 'ldapsearch uid=someuser'.




On Tue, May 23, 2017 at 4:44 PM, Kedar Sirshikar (ksirshik) <ksirshik [at]> wrote:

Hi team,

I am trying to do a POC to integrate PAM with LDAP. After exploring on Google, I came to know that I can use ‘nss-pam-ldapd’ package.


For LDAP server, I am using ApacheDS plug-in from Eclipse.


For client, I installed ‘nss-pam-ldapd’ on CentOS 6.8. I followed ‘’ wiki to update PAM and NSLCD configurations.

I can see that ldapsearch is working fine but I am not able to connect to LDAP through PAM and NSLCD.

I am testing based on below two approaches:

1. I am using ‘pwauth’ which is expected to authenticate user based on PAM-LDAP integration.

2. I tried ‘getent passwd’ command but I do not get any user from LDAP.

I do not even see any logs getting generated. May I know how to activate logs for PAM, NSS, NSLCD?


I am very novice to all these concepts so please help me in understanding/fixing above issue.

Also, kindly let me know if you need more details from my side.

Thank you!





Bill MacAllister

Corp SRE, Dropbox
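
Added example (not part of the thread and not code from the nss-pam-ldapd project): a check of the kind of user LDIF requested above ('ldapsearch uid=someuser') against what nslcd's passwd map searches for by default, the posixAccount object class with its RFC 2307 attributes. The LDIF is constructed; the uid=someuser entry and all its values are assumptions, and base64 (attr::) values are not decoded.

```python
# Added example. SAMPLE_LDIF is constructed; only the DN uid=pam_ldap,ou=system is from the thread.
SAMPLE_LDIF = """\
dn: uid=pam_ldap,ou=system
objectClass: inetOrgPerson
uid: pam_ldap

dn: uid=someuser,ou=system
objectClass: inetOrgPerson
objectClass: posixAccount
uid: someuser
uidNumber: 10001
gidNumber: 10001
homeDirectory: /home/someuser

search: 2
result: 0 Success
"""
REQUIRED = ("uid", "uidnumber", "gidnumber", "homedirectory")  # RFC 2307 posixAccount MUST attrs (cn omitted)

def parse_ldif(text):
    """Parse ldapsearch LDIF output into dicts of lowercase attribute -> values."""
    entries, cur, last = [], {}, None
    for line in text.splitlines() + [""]:
        if line.startswith("#"):
            continue
        if line.startswith(" ") and last:      # folded continuation line
            cur[last][-1] += line[1:]
        elif not line.strip():                 # blank line closes an entry
            if "dn" in cur:                    # drops the "search:/result:" trailer
                entries.append(cur)
            cur, last = {}, None
        else:
            key, _, value = line.partition(":")
            last = key.strip().lower()
            cur.setdefault(last, []).append(value.lstrip(": ").strip())
    return entries

def passwd_map_report(entries):
    """Map each DN to what it lacks for nslcd's default passwd search (empty = visible)."""
    report = {}
    for e in entries:
        missing = [a for a in REQUIRED if a not in e]
        if "posixaccount" not in {c.lower() for c in e.get("objectclass", [])}:
            missing.insert(0, "objectClass=posixAccount")
        report[e["dn"][0]] = missing
    return report

for dn, missing in passwd_map_report(parse_ldif(SAMPLE_LDIF)).items():
    print(dn, "->", "visible to getent passwd" if not missing else f"missing {missing}")
```

An entry reported with missing items is not returned by 'getent passwd' through nslcd unless the passwd filter or attribute mapping in nslcd.conf is changed to match the directory's schema.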

