From: Frank Bonnet
Date: Fri, 01 Jul 2005 11:20:02 +0200
To: freebsd-questions@freebsd.org
Subject: LDAP auth troubles

Hello

I have a strange problem with a FreeBSD 5.4 NFS client.
I have installed nss_ldap and pam_ldap, then configured the
/etc/pam.d/login file as follows:

#
# $FreeBSD: src/etc/pam.d/login,v 1.16 2003/06/14 12:35:05 des Exp $
#
# PAM configuration for the "login" service
#

# auth
auth            required        pam_nologin.so          no_warn
auth            sufficient      pam_self.so             no_warn
auth            sufficient      /usr/local/lib/pam_ldap.so
auth            include         system

# account
account         requisite       pam_securetty.so
account         include         system

# session
session         include         system

# password
password        include         system

The problem is I can "su - some-ldap-user" as root, but I cannot
perform a normal login session with this user and I cannot ftp to
this machine.

I think authentication is not performed, but I don't see where
I made the mistake. I am not really familiar with PAM, so I think
I'm wrong somewhere but ... where?

If I "su -" to some user I fall in the homedir of the user, but I have
no write access to the homedir ...

We have a lot of LDAP clients (Linux and HPUX) that access
the users' homedir through NFS without problem.

Thanks a lot for any help.

-- 
Cordialement/Regards
Frank Bonnet