Re: Issues w/ LDAP & PAM on Ubuntu 22.04
[
Date Prev][Date Next]
[
Thread Prev][Thread Next]
Re: Issues w/ LDAP & PAM on Ubuntu 22.04
- From: Philip Prindeville <philipp_subx [at] redfish-solutions.com>
- To: Arthur de Jong <arthur [at] arthurdejong.org>
- Cc: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: Re: Issues w/ LDAP & PAM on Ubuntu 22.04
- Date: Mon, 11 Dec 2023 19:04:58 -0700
> On Dec 11, 2023, at 4:13 PM, Arthur de Jong <arthur@arthurdejong.org> wrote:
>
> On Mon, 2023-12-11 at 11:24 -0700, Philip Prindeville wrote:
>> I'm using LDAP (slapd) on a remote Ubuntu server, and my client is
>> configured to use nss_ldap and nslcd.
>
> On Ubuntu you most likely want to install both libnss-ldapd and libpam-
> ldapd (note the extra d at the end). Those use nslcd which is
> configured via /etc/nslcd.conf.
>
> You appear to be using libpam-ldap (judging from the logs).
>
> https://arthurdejong.org/nss-pam-ldapd/setup contains some debugging
> tips (e.g. first check that the NSS part works with `getent passwd`).
>
>
> Hope this helps,
Seems I was bit by this:
pprindeville@tnsr1:~$ zcat /usr/share/doc/nslcd/NEWS.Debian.gz | head -n15
nss-pam-ldapd (0.9.0-1) experimental; urgency=low
The 0.9 release changes the communication protocol used between the NSS
and PAM modules on one end and the nslcd process on the other end.
This means that after the upgrade, if the new nslcd is running, processes
that have the old NSS or PAM module already loaded will be unable to
perform queries.
For example, if a screensaver that was running before the upgrade has
locked the screen during the upgrade, the user will no longer be able to
unlock the screen.
-- Arthur de Jong <adejong@debian.org> Sat, 06 Apr 2013 15:00:00 +0200
And rebooting did indeed resolve the issue.