Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
trouble with ldap
#1

i was trying to set up ldap by following this how-to : [/url][url=http://www.zcentric.com/wiki/tiki-index.php?page=Ldap]http://www.zcentric.com/wiki/tiki-index.php?page=Ldap

 

everything went exactly as it was supposed to, but at the end when it said i should be able to ssh in with the test user, it simply refused the password. i was typing this to get in :

ssh -l mytestuser undergroundinfection.net

it accepted the user name but not the password. I'm not sure what i did wrong. if anyone has any ideas I'd appreciate any help i can get. I've reread it numerous times and still can't see where im makin a mistake.

 

tek

Reply
#2
cat /etc/pam.d/system-auth
Reply
#3

Code:
[root@undergroundinfection ~]cat /etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/$ISA/pam_ldap.so use_first_pass
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so broken_shadow
account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account     [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_ldap.so
account     required      /lib/security/$ISA/pam_permit.so

password    requisite     /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    sufficient    /lib/security/$ISA/pam_ldap.so use_authtok
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so
session     optional      /lib/security/$ISA/pam_ldap.so
[root@undergroundinfection ~]




Reply
#4

figured it out, in case anyone else ever has this problem , this is how i fixed it. in

 

vi /etc/ssh/sshd_config

 

scroll down till you see

# Set this to 'yes' to enable PAM keyboard-interactive authentication

# Warning: enabling this may bypass the setting of 'PasswordAuthentication'

#PAMAuthenticationViaKbdInt yes

 

then right under the #PAMAuthenticationViaKbdInt yes , add

UsePAM yes

 

then service sshd restart.

Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)