Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 04-10-2009, 06:13 AM   #1
LQ Newbie
Registered: Apr 2009
Posts: 1

Rep: Reputation: 0
LDAP Authentication: why `finger` and `id` commands are working but no `su` ??


I'm trying to configure a Ubuntu 8.10 client to authenticate
againts a openldap directory.

The client configuration (PAM, NSS and /etc/ldap.conf) is here:

I performed some test getting the following results:

`ldapsearch -xLLL`, `id $USER`, `finger $USER`
Those three commands work fine. See the ouput here:

`su $USER`
Prompts twice for a password and then fails.
See the output with a debug level 1:

My main question is:

Line 12 from `su $USER` output says:

"ldap_connect_to_host: TCP localhost:389"

It seems like it were trying to connect to the localhost but I
specified "host" and "uri ldap://" at the
/etc/ldap.conf file.

Maybe I need to specify a bind domain name but if I'm not wrong
the query will be permormed as anonymous and I have the followings
credentials at the server /etc/ldap/slapd.conf:

access to attrs=userPassword,shadowLastChange
by dn="cn=admin,dc=carolina,dc=es" write
by anonymous auth
by self write
by * none

access to *
by dn="cn=admin,dc=carolina,dc=es" write
by * read

Any idea to solve this? Any one can enlight me?
Thank you in advance,



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Using LDAP Authentication jravnsba Linux - Software 2 12-07-2008 10:50 AM
LDAP Authentication not working t0bias Linux - Server 1 09-25-2008 09:02 AM
ldap authentication goestin Linux - Networking 2 12-27-2005 11:27 AM
Ldap Authentication joeyBig Programming 1 08-25-2004 10:00 AM
ldap authentication box_l Mandriva 0 03-22-2004 03:24 AM

All times are GMT -5. The time now is 04:36 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration