ldap password problems
[Date Prev][Date Next] [Thread Prev][Thread Next]ldap password problems
- From: Marco Naimoli <marco.naimoli [at] unipd.it>
- To: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: ldap password problems
- Date: Tue, 28 Jul 2020 15:48:11 +0200
Hello, I hope it's the right place for the following question: I've setup a linux box
with ldap authentication, using pam-ldapd, nss-ldapd etc.etc.
Operations like "su - ldapuser" works perfectly; but when I try to authenticate ldapuser
(using ssh, or doing a "su - ldapuser" from non-root user or calling "login" program)
authentication fails.
Trying to debug I see the following logs ("gigio" is the ldap user):
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_initialize(ldap://localhost)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_rebind_proc()
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_sasl_bind("uid=gigio,ou=staff,dc=ict,dc=unipd,dc=it","***") (uri="ldap://localhost") (ppolicy=no)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_parse_result() result: Unknown error
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: failed to bind to LDAP server ldap://localhost: Unknown error
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_unbind()
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_rebind_proc()
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_sasl_bind("uid=gigio,ou=staff,dc=ict,dc=unipd,dc=it","***") (uri="ldap://localhost") (ppolicy=no)
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_parse_result() result: Unknown error
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: failed to bind to LDAP server ldap://localhost: Unknown error
Jul 28 14:59:12 server nslcd[5382]: [0e0f76] <authc="gigio"> DEBUG: ldap_unbind()
ldap is installed on localhost; tls is disabled
I've checked slapd logs, too, but I don't see any problem
The "Unknown error" is not a useful message for me and I don't know how to increase the nslcd log level; I suppose there's a big error, but I cannot see
gigio, the ldap user has posixAccount and shadowAccount object classes; the database acls
are, to simplify testing:
to * by * write
Any suggestion ?
Thanks
Marco
- ldap password problems, Marco Naimoli
- Re: ldap password problems, Marco Naimoli
- Prev by Date: Re: nss_schema in nslcd.conf
- Next by Date: Re: ldap password problems
- Previous by thread: Re: nss_schema in nslcd.conf
- Next by thread: Re: ldap password problems