LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 12-15-2008, 02:48 PM   #1
capibolso
LQ Newbie
 
Registered: Dec 2008
Posts: 1

Rep: Reputation: 0
PAM authentication failure


My PAM module seems to work right but it fails in authentication. Althought it can't authenticate, the session module works and the software who uses it executes well.

For example, when I login through "gdm" using pam to authenticate against an ldap server
/var/log/auth.log shows
Code:
pam_unix(gdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=myuser
pam_unix(gdm:session): session opened for user myuser by (uid=0)
Any ideas?

Last edited by capibolso; 12-16-2008 at 07:26 AM. Reason: improving reasons
 
Old 05-01-2013, 04:24 AM   #2
F1Linux
LQ Newbie
 
Registered: Apr 2013
Location: United Kingdom
Distribution: CentOS
Posts: 5

Rep: Reputation: Disabled
LDAP not being consulted during PAM authentication

Hi capibolso-

It's clear that your LDAP server is not being consulted as a source of authentication by PAM. Below is a specimen of what you should be seeing in your logs if PAM is using LDAP:

May 1 08:06:48 ns1 sshd[32592]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=myComputer.f1linux.com user=myUsername
May 1 08:06:48 ns1 sshd[32592]: Accepted password for myUsername from 10.10.10.10 port 60069 ssh2
May 1 08:06:48 ns1 sshd[32592]: pam_unix(sshd:session): session opened for user myUsername
[/CODE]

The following are some HowTo's I bunged on my blog which you may find useful. Please note that the blog entries are geared towards more modern LDAP configurations and work with RHEL/CentOS 6+ . If you're using some ancient setup, you might find issues:

The first link details how to configure LDAP clients for PAM:

http://blog.f1linux.com/2013/04/21/h...oubleshooting/

And the next link details how to unpick LDAP errors. The LDAP queries have to wind through various parts of the system for everything to work correctly. The trick is, knowing at what point things are breaking:

http://blog.f1linux.com/2013/04/25/h...t-ldap-errors/

Hope this helps somebody out. LDAP is a monkey to be sure and it's really not been very well documented, hence my own efforts. LDAP is brilliant, but I can't believe how totally either absent, or just obtuse & unhelpful whatever has been written is.

-Terrence
 
  


Reply

Tags
auth, authentication, failure, gdm, linux, pam, session, unix


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
I need help with authentication PAM - SQUID karlag Linux - Server 10 08-19-2008 08:18 PM
PAM authentication onik Linux - Software 0 06-27-2008 03:59 AM
How does PAM Authentication Work? ejennings_98 Linux - Security 1 10-31-2003 03:29 PM
PAM User Login Authentication Failure robeb Linux - Security 5 11-16-2002 09:01 PM
NIS and pam/gdm authentication failure cquense Linux - Networking 0 07-05-2001 04:08 AM


All times are GMT -5. The time now is 09:10 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration