LinuxQuestions.org - LDAP authentication

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - LDAP authentication (https://www.linuxquestions.org/questions/linux-newbie-8/ldap-authentication-937665/)

LDAP authentication

Hi everyone,
Actually iam trying to authenticate Sun One directory server user in RHEL[RedHat Linux] version 5.5 by using PAM.For this iam using two machines, my Sun One Directory Sever[version 5.1] is residing in windows 2003 server and a linux machine.I have made necessary PAM configuration,but ultimately couldn't authenticate a user.Can anyone help me out please.

Could you please send me the steps for PAM configuration as well,for double check.

Why would we send you "steps" when you can google for them? And how are we supposed to help you when you've provided no useful information about your system at all? are you able to bind to ldap with a valid user? are you getting user accounts from the server?

LDAP authentication

Hi Chris,
Sorry for not providing valid information.nope iam unable to bind with server.iam not getting any user accounts.through google i have got steps, but when i followed those steps,iam unable to authenticate.
i have got the following error message in my Linux machine log files.

Apr 2 06:44:24 sankarlinux gdm[4325]:Couldn't authenticate user
Apr 2 06:44:24 sankarlinux gdm[4325]: writing failed session attempt record
Apr 2 06:44:24 sankarlinux gdm[4325]: using username gwashington
Apr 2 06:44:24 sankarlinux gdm[4325]: using id
Apr 2 06:44:24 sankarlinux gdm[4325]: using line :0
Apr 2 06:44:24 sankarlinux gdm[4325]: using time 1333363464
Apr 2 06:44:24 sankarlinux gdm[4325]: using type USER_PROCESS
Apr 2 06:44:24 sankarlinux gdm[4325]: using pid 4325
Apr 2 06:44:24 sankarlinux gdm[4325]: writing failed session attempt record to /var/log/btmp
Apr 2 06:44:24 sankarlinux gdm[4325]: gdm_slave_wait_for_login: end verify for ''
Apr 2 06:44:24 sankarlinux gdm[4325]: gdm_slave_wait_for_login: No login/Bad login
Apr 2 06:44:24 sankarlinux gdm[4325]: gdm_slave_wait_for_login: In loop

by bind, I meant can you use ldapsearch as a sample user? If not, nothing else matters. make that work, and then go on from there. Don't just treat this sort of setup as a single thing. show you can can pull back a users object from ldap bound as that user.

You're also showing gdm log output? That's about as far away from where you're looking as you can get. for the user info side, you need "getent passwd" and "getent group" to show you the accounts as well. After a valid ldapsearch that is.