Date:      Thu, 11 Jul 2002 21:38:56 +0200
From:      Alex <freebsd@akruijff.dds.nl>
To:        freebsd-questions@freebsd.org
Subject:   pam_ldap error
Message-ID:  <14037532729.20020711213856@dds.nl>


Dear freebsd-questions,

My aim is to set up a Samba PDC and BDC server for a Windows network
and integrate the password database, so that any change will also be
reflected in the other OS, to avoid changing the password twice or
adding a user twice. And now I got an error from the pam_ldap module
telling me it cannot bind as a user that does exist. Any idea what I
did wrong?

I have done this according to the how-to:
http://samba.idealx.org/dist/samba-ldap-howto.pdf. I'm not at chapter
5 and am stuck.

I have installed OpenLDAP 2.0 and pam_ldap. I have set up the database as
follows:

dc=domain,dc=org
|
`--- ou=Users
|
`--- ou=Computers
|
`--- ou=Groups

I have modified /etc/pam.conf for login only first:
>login   auth    sufficient      pam_skey.so
>login   auth    requisite       pam_cleartext_pass_ok.so
>#login  auth    sufficient      pam_kerberosIV.so               try_first_pass
>login   auth    sufficient      pam_ldap.so                     try_first_pass
>login   auth    sufficient      pam_unix.so                     try_first_pass
>login   auth    required        pam_deny.so

>login   account sufficient      pam_ldap.so
>login   account sufficient      pam_unix.so
>login   account required        pam_deny.so

>login   password required       pam_permit.so
>login   session required        pam_permit.so

And modified /usr/local/etc/ldap.conf =
/usr/local/etc/openldap/ldap.conf (link, same fs)
># Your LDAP server. Must be resolvable without using LDAP.
>URI ldap://127.0.0.1
>
># The distinguished name of the search base.
>base dc=kruij557,dc=speed,dc=planet,dc=nl
>
>ldap_version 2
>
># we use ?sub (and not the default ?one) because we
># separated sambaAccounts on ou=Computers,dc=IDEALX,dc=org
># and ou=Users,dc=IDEALX,dc=org
>nss_base_passwd         dc=kruij557,dc=speed,dc=planet,dc=nl?sub
>nss_base_shadow         dc=kruij557,dc=speed,dc=planet,dc=nl?sub
>nss_base_group          ou=Groups,dc=kruij557,dc=speed,dc=planet,dc=nl?one
>
>ssl no
>pam_password md5

I have set the default access to the OpenLDAP database to write. When
I try to connect as the newly installed user 'test', I get the
following error (output from /messages):

Jul 11 20:15:27 Intranet login: pam_ldap: error trying to bind as user
"uid=test,ou=Users,dc=domain,dc=com" (Invalid credentials)

#slapcat

dn: uid=test,ou=Users,dc=domain,dc=com
objectClass: top
objectClass: account
objectClass: posixAccount
cn: test
uid: test
uidNumber: 1000
gidNumber: 100
homeDirectory: /home/test
loginShell: /bin/sh
gecos: System User
description: System User
creatorsName: cn=Manager,dc=domain,dc=com
createTimestamp: 20020711123408Z
modifiersName: cn=Manager,dc=domain,dc=com
modifyTimestamp: 20020711123408Z
userPassword:: e1NTSEF9WFF0OTVJNy9iaklYdHovQjFBNk5oQ3c0Y2tCemlSRWI=


-- 
Kind regards,
Alex
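An added example, not part of Alex's message or of the idealx howto: a small Python checker for the two things a "cannot bind as user" error depends on. It parses a slapcat-style LDIF entry (the `userPassword::` double colon marks a base64-encoded value), verifies an `{SSHA}` hash the way OpenLDAP's simple bind compares a password against it, and tests whether the entry's DN lies under the search base configured in ldap.conf. The entry, salt and password "secret" are constructed here.

```python
import base64
import hashlib
import hmac

def ssha_hash(password: str, salt: bytes) -> str:
    """Build an OpenLDAP {SSHA} value: base64(sha1(password + salt) + salt)."""
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def ssha_verify(stored: str, password: str) -> bool:
    """Check a candidate password against a stored {SSHA} value (20-byte SHA-1 digest, then salt)."""
    if not stored.startswith("{SSHA}"):
        raise ValueError("only the {SSHA} scheme is handled here")
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)

def parse_ldif_entry(text: str) -> dict:
    """Parse one LDIF entry; 'attr:: value' means the value is base64-encoded."""
    attrs = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, rest = line.split(":", 1)
        if rest.startswith(":"):
            value = base64.b64decode(rest[1:].strip()).decode()
        else:
            value = rest.strip()
        attrs.setdefault(name.strip(), []).append(value)
    return attrs

def dn_under_base(dn: str, base: str) -> bool:
    """True if dn equals base or lies beneath it (case-insensitive, spaces around commas ignored)."""
    norm = lambda s: ",".join(p.strip() for p in s.lower().split(","))
    dn, base = norm(dn), norm(base)
    return dn == base or dn.endswith("," + base)

def check_entry(ldif: str, password: str, base: str) -> dict:
    """Report whether the entry is reachable from `base` and whether `password` matches its hash."""
    attrs = parse_ldif_entry(ldif)
    return {
        "dn_under_base": dn_under_base(attrs["dn"][0], base),
        "password_ok": ssha_verify(attrs["userPassword"][0], password),
    }

# Constructed sample: fixed salt, password "secret", encoded the way slapcat prints it.
SALT = b"\x01\x02\x03\x04"
STORED = ssha_hash("secret", SALT)
SAMPLE_LDIF = ("dn: uid=test,ou=Users,dc=domain,dc=com\nuid: test\nuserPassword:: "
               + base64.b64encode(STORED.encode()).decode() + "\n")
```

Run `check_entry(SAMPLE_LDIF, "secret", "dc=domain,dc=com")` to see both checks pass; a base that does not contain the entry's DN, or a wrong password, flips the corresponding flag to False.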

