From owner-freebsd-questions@FreeBSD.ORG Mon Mar 16 10:48:57 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BB81D106564A for ; Mon, 16 Mar 2009 10:48:57 +0000 (UTC) (envelope-from ohartman@web.de) Received: from fmmailgate02.web.de (fmmailgate02.web.de [217.72.192.227]) by mx1.freebsd.org (Postfix) with ESMTP id 7C1718FC1A for ; Mon, 16 Mar 2009 10:48:57 +0000 (UTC) (envelope-from ohartman@web.de) Received: from smtp08.web.de (fmsmtp08.dlan.cinetic.de [172.20.5.216]) by fmmailgate02.web.de (Postfix) with ESMTP id 88D99FBB6B63; Mon, 16 Mar 2009 11:48:56 +0100 (CET) Received: from [130.133.86.198] (helo=telesto.geoinf.fu-berlin.de) by smtp08.web.de with asmtp (TLSv1:AES256-SHA:256) (WEB.DE 4.110 #277) id 1LjANM-0004M5-00; Mon, 16 Mar 2009 11:48:56 +0100 Message-ID: <49BE2E34.8040601@web.de> Date: Mon, 16 Mar 2009 10:47:16 +0000 From: "O. Hartmann" User-Agent: Thunderbird 2.0.0.19 (X11/20090311) MIME-Version: 1.0 To: freebsd-questions@freebsd.org, freebsd-current@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Sender: ohartman@web.de X-Sender: ohartman@web.de X-Provags-ID: V01U2FsdGVkX1/QJ/6VYiV2fgkid5+OzMz9w77gyRYH5OF+7rZG b242Q0grny+IuFjrTYBV0UZY70Y615V0qOXk2jYCWixqmexPIV I1UUx+1kc= Cc: Subject: Mar 16 10:41:41 thusnelda kernel: Mar 16 10:41:41 thusnelda sshd[19231]: fatal: login_get_lastlog: Cannot find account for uid XXX X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Mar 2009 10:48:58 -0000 After updating the LDAP server from OpenLDAP 2.4.14/db46 to 2.4.15/db47 I receive on an attached client the following message when trying to log in via ssh: Mar 16 10:41:41 thusnelda kernel: Mar 16 10:41:41 thusnelda sshd[19231]: fatal: login_get_lastlog: Cannot find account for uid I'm able to su - to the specific, by ssh blocked user which is kept in LDAP database. I'm a little bit worried, since I also updated OpenLDAP 2.4.14 on the client to OpenLDAP 2.4.15 and did so with nss_ldap and pam_ldap. Searching for IDs on the client which are kept in the LDAP database performs well. Also a authetication of users accessing webpages secured via authentication through LDAP (lighttpd) works well with the LDAP server in question. But no ssh-login works! I checked the sshd_config file in /etc/ssh but it hasn't been changed, so I guess there is possibly another issue. Any hints or tips are appreciated, regards and thanks in advance, Oliver