Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 7 Oct 2010 12:39:23 -0400 (EDT)
From:      Kevin Mai <kma@mrecic.gov.ar>
To:        Jason <jhelfman@e-e.com>
Cc:        Dan Nelson <dnelson@allantgroup.com>, freebsd-questions <freebsd-questions@freebsd.org>
Subject:   Re: LDAP Authentication from console
Message-ID:  <2142474853.75664.1286469563186.JavaMail.root@mrelmx10.mrec.ar>
In-Reply-To: <448088379.75662.1286469527610.JavaMail.root@mrelmx10.mrec.ar>
next in thread | previous in thread | raw e-mail | index | archive | help 
Didn't receive all the emails, thank god this maillist is indexed! ;)

login file:

http://pastebin.ca/1956943

sshd file:

http://pastebin.ca/1956946

system file:

http://pastebin.ca/1956948



----- Mensaje original -----
De: "Jason" <jhelfman@e-e.com>
Para: "Dan Nelson" <dnelson@allantgroup.com>
CC: "Kevin Mai" <kma@mrecic.gov.ar>, "freebsd-questions" <freebsd-questions=
@freebsd.org>
Enviados: Mi=C3=A9rcoles, 6 de Octubre 2010 14:00:08
Asunto: Re: LDAP Authentication from console

On Wed, Oct 06, 2010 at 11:59:53AM -0500, Dan Nelson thus spake:
>In the last episode (Oct 06), Kevin Mai said:
>> Hey guys,
>>
>> I've already configured PAM to authenticate against ldap and it works
>> wonderful using ssh/su/sudo/etc, but when I try to log in from
>> console it
>> prompts:
>>
>> login: kma
>> Password: xxxxxxxx
>> LDAP Password: xxxxxxxx (same as the first one)
>> Login Incorrect
>> login:
>
>Compare /etc/pam.d/login against one of your other pam services that
>works. What I do on my servers is add pam_ldap to pam.d/system, then
>blow away most
>of the lines in the other files and replace them with
>
>auth include system
>account include system
>session include system
>password include system
>
>, so I know everything uses the same configuration.

Back when I had used LDAP for authentication I also needed to edit
/etc/nsswitch.conf

Not sure if this is still the case, or if I was doing it incorrectly,
however not having didn't give me the ability to login via ldap.

-jgh

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2142474853.75664.1286469563186.JavaMail.root>