LDAP, VSFTPD Not authenticating.
Hey.
I installed LDAP, VSFTPD and pam_ldap. I am trying to get vsftpd to authenticate against ldap.

According to ldap the password for the user logging in is: {MD5}BsIZ5byDePOoo/g7S35GSQ (should be mysecret)

In the ldap.conf, it makes no difference whether I say password pam_password md5 or pam_password clear

mail is the hostname of my server.

This shows the user as seen from phpldapadmin: http://dave.angelpiper.com/ss.gif
The image is 1400x1050, you might have to stretch it if you are using Windows XP. Because it will shrink it.

My attempt to login to FTP:

mail:/etc # ftp 127.0.0.1
Connected to localhost.
220 "Welcome to mydomain.net FTP Server "
Name (127.0.0.1:dave): myusername
331 Please specify the password.
Password: [I type: mysecret]
530 Login incorrect.
ftp: Login failed.
ftp>

Why does it say Login Failed? I want it to login!

Slapd.conf =====
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/misc.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/dhcp.schema
include /etc/openldap/schema/java.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/suse-email-server.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/samba3.schema
include /etc/openldap/schema/yast2userconfig.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
modulepath /usr/lib/openldap/modules
moduleload back_bdb.la
moduleload back_ldap.la
moduleload back_ldbm.la
moduleload back_passwd.la
moduleload back_shell.la
database ldbm
suffix "dc=mydomain,dc=net"
rootdn "cn=Manager,dc=mydomain,dc=net"
rootpw mysecret
password-hash {MD5}
directory /var/lib/ldap
index objectClass eq
loglevel 4095

pam.d/vsftpd====
#%PAM-1.0
# Uncomment this to achieve what used to be ftpd -A.
# auth required pam_listfile.so item=user sense=allow file=/etc/ftpchroot onerr=fail
#auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Uncomment the following line for anonymous ftp.
#auth sufficient pam_ftp.so
#auth required pam_unix2.so
#auth required pam_shells.so
#account required pam_unix2.so
#password required pam_unix2.so
#session required pam_unix2.so
auth sufficient /lib/security/pam_ldap.so
auth required pam_unix2.so
account sufficient /lib/security/pam_ldap.so
account required pam_unix2.so
password sufficient /lib/security/pam_ldap.so
password required pam_unix2.so

ldap.conf (the one that pam uses)====
# Your LDAP server. Must be resolvable without using LDAP.
host 192.168.7.154
# The distinguished name of the search base.
base dc=mydomain,dc=net
# The LDAP version to use (defaults to 3
# if supported by client library)
ldap_version 3
# The distinguished name to bind to the server with.
# Optional: default is to bind anonymously.
binddn cn=Manager,dc=mydomain,dc=net
# The credentials to bind with.
# Optional: default is no credential.
bindpw mysecret
# The distinguished name to bind to the server with
# if the effective user ID is root. Password is
# stored in /etc/ldap.secret (mode 600)
#rootbinddn cn=Manager,dc=mydomain,dc=net
# The port.
port 389
# The search scope.
scope base
# The user ID attribute (defaults to uid)
pam_login_attribute uid
# Do not hash the password at all; presume
# the directory server will do it, if
# necessary. This is the default.
pam_password clear
#pam_password md5
pam_password_prohibit_message Please visit http://internal to change your password.

/var/log/messages when I try and log into vsftpd ====
Jan 14 12:52:25 mail slapd[7562]: daemon: activity on 1 descriptors
Jan 14 12:52:25 mail slapd[7562]: daemon: new connection on 10
Jan 14 12:52:25 mail slapd[7562]: conn=1 fd=10 ACCEPT from IP=192.168.7.154:4295 (IP=0.0.0.0:389)
Jan 14 12:52:25 mail slapd[7562]: daemon: added 10r
Jan 14 12:52:25 mail slapd[7562]: daemon: activity on:
Jan 14 12:52:25 mail slapd[7562]:
Jan 14 12:52:25 mail slapd[7562]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jan 14 12:52:25 mail slapd[7562]: daemon: select: listen=7 active_threads=0 tvp=NULL
Jan 14 12:52:25 mail slapd[7562]: daemon: activity on 1 descriptors
Jan 14 12:52:25 mail slapd[7562]: daemon: activity on:
Jan 14 12:52:25 mail slapd[7562]: 10r
Jan 14 12:52:25 mail slapd[7562]:
Jan 14 12:52:25 mail slapd[7562]: daemon: read activity on 10
Jan 14 12:52:25 mail slapd[7562]: connection_get(10)
Jan 14 12:52:25 mail slapd[7562]: connection_get(10): got connid=1
Jan 14 12:52:25 mail slapd[7562]: connection_read(10): checking for input on id=1
Jan 14 12:52:25 mail slapd[7562]: ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable)
Jan 14 12:52:25 mail slapd[7588]: do_bind
Jan 14 12:52:25 mail slapd[7588]: >>> dnPrettyNormal: <cn=Manager,dc=mydomain,dc=net>
Jan 14 12:52:25 mail slapd[7588]: <<< dnPrettyNormal: <cn=Manager,dc=mydomain,dc=net>, <cn=manager,dc=mydomain,dc=net>
Jan 14 12:52:25 mail slapd[7588]: do_bind: version=3 dn="cn=Manager,dc=mydomain,dc=net" method=128
Jan 14 12:52:25 mail slapd[7588]: conn=1 op=0 BIND dn="cn=Manager,dc=mydomain,dc=net" method=128
Jan 14 12:52:25 mail slapd[7588]: ==> ldbm_back_bind: dn: cn=Manager,dc=mydomain,dc=net
Jan 14 12:52:25 mail slapd[7588]: conn=1 op=0 BIND dn="cn=Manager,dc=mydomain,dc=net" mech=SIMPLE ssf=0
Jan 14 12:52:25 mail slapd[7588]: do_bind: v3 bind: "cn=Manager,dc=mydomain,dc=net" to "cn=Manager,dc=mydomain,dc=net"
Jan 14 12:52:25 mail slapd[7588]: send_ldap_result: conn=1 op=0 p=3
Jan 14 12:52:25 mail slapd[7588]: send_ldap_result: err=0 matched="" text=""
Jan 14 12:52:25 mail slapd[7588]: send_ldap_response: msgid=1 tag=97 err=0
Jan 14 12:52:25 mail slapd[7588]: conn=1 op=0 RESULT tag=97 err=0 text=
Jan 14 12:52:25 mail slapd[7562]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jan 14 12:52:25 mail slapd[7562]: daemon: select: listen=7 active_threads=0 tvp=NULL
Jan 14 12:52:25 mail slapd[7562]: daemon: activity on 1 descriptors
Jan 14 12:52:25 mail slapd[7562]: daemon: activity on:
Jan 14 12:52:25 mail slapd[7562]: 10r
Jan 14 12:52:25 mail slapd[7562]:
Jan 14 12:52:25 mail slapd[7562]: daemon: read activity on 10
Jan 14 12:52:25 mail slapd[7562]: connection_get(10)
Jan 14 12:52:25 mail slapd[7562]: connection_get(10): got connid=1
Jan 14 12:52:25 mail slapd[7562]: connection_read(10): checking for input on id=1
Jan 14 12:52:25 mail slapd[7562]: ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable)
Jan 14 12:52:25 mail slapd[7589]: do_search
Jan 14 12:52:25 mail slapd[7589]: >>> dnPrettyNormal: <dc=mydomain,dc=net>
Jan 14 12:52:25 mail slapd[7589]: <<< dnPrettyNormal: <dc=mydomain,dc=net>, <dc=mydomain,dc=net>
Jan 14 12:52:25 mail slapd[7589]: SRCH "dc=mydomain,dc=net" 0 0
Jan 14 12:52:25 mail slapd[7589]: 1 0 0
Jan 14 12:52:25 mail slapd[7589]: begin get_filter
Jan 14 12:52:25 mail slapd[7589]: EQUALITY
Jan 14 12:52:25 mail slapd[7589]: end get_filter 0
Jan 14 12:52:25 mail slapd[7589]: filter: (uid=myusername)
Jan 14 12:52:25 mail slapd[7589]: attrs:
Jan 14 12:52:25 mail slapd[7589]:
Jan 14 12:52:25 mail slapd[7589]: conn=1 op=1 SRCH base="dc=mydomain,dc=net" scope=0 deref=0 filter="(uid=myusername)"
Jan 14 12:52:25 mail slapd[7589]: => ldbm_back_search
Jan 14 12:52:25 mail slapd[7589]: dn2entry_r: dn: "dc=mydomain,dc=net"
Jan 14 12:52:25 mail slapd[7589]: => dn2id( "dc=mydomain,dc=net" )
Jan 14 12:52:25 mail slapd[7589]: ====> cache_find_entry_ndn2id("dc=mydomain,dc=net"): 1 (1 tries)
Jan 14 12:52:25 mail slapd[7589]: <= dn2id 1 (in cache)
Jan 14 12:52:25 mail slapd[7589]: => id2entry_r( 1 )
Jan 14 12:52:25 mail slapd[7589]: ====> cache_find_entry_id( 1 ) "dc=mydomain,dc=net" (found) (1 tries)
Jan 14 12:52:25 mail slapd[7589]: <= id2entry_r( 1 ) 0x817e450 (cache)
Jan 14 12:52:25 mail slapd[7589]: base_candidates: base: "dc=mydomain,dc=net"
Jan 14 12:52:25 mail slapd[7589]: ====> cache_return_entry_r( 1 ): returned (0)
Jan 14 12:52:25 mail slapd[7589]: => id2entry_r( 1 )
Jan 14 12:52:25 mail slapd[7589]: ====> cache_find_entry_id( 1 ) "dc=mydomain,dc=net" (found) (1 tries)
Jan 14 12:52:25 mail slapd[7589]: <= id2entry_r( 1 ) 0x817e450 (cache)
Jan 14 12:52:25 mail slapd[7589]: => test_filter
Jan 14 12:52:25 mail slapd[7589]: EQUALITY
Jan 14 12:52:25 mail slapd[7589]: => access_allowed: search access to "dc=mydomain,dc=net" "uid" requested
Jan 14 12:52:25 mail slapd[7589]: <= root access granted
Jan 14 12:52:25 mail slapd[7589]: <= test_filter 5
Jan 14 12:52:25 mail slapd[7589]: ldbm_search: candidate entry 1 does not match filter
Jan 14 12:52:25 mail slapd[7589]: ====> cache_return_entry_r( 1 ): returned (0)
Jan 14 12:52:25 mail slapd[7562]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jan 14 12:52:25 mail slapd[7562]: daemon: select: listen=7 active_threads=0 tvp=NULL
Jan 14 12:52:25 mail slapd[7589]: send_ldap_result: conn=1 op=1 p=3
Jan 14 12:52:25 mail slapd[7589]: send_ldap_result: err=0 matched="" text=""
Jan 14 12:52:25 mail slapd[7589]: send_ldap_response: msgid=2 tag=101 err=0
Jan 14 12:52:25 mail slapd[7589]: conn=1 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jan 14 12:52:25 mail slapd[7562]: daemon: activity on 1 descriptors
Jan 14 12:52:25 mail slapd[7562]: daemon: activity on:
Jan 14 12:52:25 mail slapd[7562]: 10r
Jan 14 12:52:25 mail slapd[7562]:
Jan 14 12:52:25 mail slapd[7562]: daemon: read activity on 10
Jan 14 12:52:25 mail slapd[7562]: connection_get(10)
Jan 14 12:52:25 mail slapd[7562]: connection_get(10): got connid=1
Jan 14 12:52:25 mail slapd[7562]: connection_read(10): checking for input on id=1
Jan 14 12:52:25 mail slapd[7588]: do_unbind
Jan 14 12:52:25 mail slapd[7588]: conn=1 op=2 UNBIND
Jan 14 12:52:25 mail slapd[7562]: ber_get_next on fd 10 failed errno=0 (Success)
Jan 14 12:52:25 mail slapd[7562]: connection_read(10): input error=-2 id=1, closing.
Jan 14 12:52:25 mail slapd[7562]: connection_closing: readying conn=1 sd=10 for close
Jan 14 12:52:25 mail slapd[7562]: connection_close: deferring conn=1 sd=10
Jan 14 12:52:25 mail slapd[7588]: connection_resched: reaquiring locks conn=1 sd=10
Jan 14 12:52:25 mail slapd[7588]: connection_resched: attempting closing conn=1 sd=10
Jan 14 12:52:25 mail slapd[7588]: connection_close: conn=1 sd=10
Jan 14 12:52:25 mail slapd[7588]: daemon: removing 10
Jan 14 12:52:25 mail slapd[7588]: conn=1 fd=10 closed
Jan 14 12:52:25 mail slapd[7562]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jan 14 12:52:25 mail slapd[7562]: daemon: select: listen=7 active_threads=0 tvp=NULL
Jan 14 12:52:25 mail slapd[7562]: daemon: activity on 1 descriptors
Jan 14 12:52:25 mail slapd[7562]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jan 14 12:52:25 mail slapd[7562]: daemon: select: listen=7 active_threads=0 tvp=NULL

Although it probably makes no difference, there are two = on the end of that hash sum.

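Added example, not part of the original thread: a Python check that pairs the SRCH and SEARCH RESULT lines from the first post's log and shows the uid lookup ran with scope=0 (base, matching `scope base` in the posted ldap.conf) and returned no entries, then compares the quoted {MD5} value with the stated password once the missing `=` padding is restored. The function names are illustrative; the sample lines and the hash are copied from the posts.

```python
import base64
import hashlib
import re

# Lines copied from the /var/log/messages excerpt in the first post.
SAMPLE_LOG = '''\
Jan 14 12:52:25 mail slapd[7588]: conn=1 op=0 BIND dn="cn=Manager,dc=mydomain,dc=net" method=128
Jan 14 12:52:25 mail slapd[7588]: conn=1 op=0 RESULT tag=97 err=0 text=
Jan 14 12:52:25 mail slapd[7589]: conn=1 op=1 SRCH base="dc=mydomain,dc=net" scope=0 deref=0 filter="(uid=myusername)"
Jan 14 12:52:25 mail slapd[7589]: conn=1 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jan 14 12:52:25 mail slapd[7588]: conn=1 op=2 UNBIND
'''

SCOPES = {"0": "base", "1": "one", "2": "sub"}  # LDAP search scope codes
SRCH = re.compile(r'conn=(\d+) op=(\d+) SRCH base="([^"]*)" scope=(\d) '
                  r'deref=\d filter="([^"]*)"')
RESULT = re.compile(r'conn=(\d+) op=(\d+) SEARCH RESULT tag=\d+ '
                    r'err=(\d+) nentries=(\d+)')

def summarize_searches(log_text):
    """Pair each SRCH line with its SEARCH RESULT line by (conn, op)."""
    pending, done = {}, []
    for line in log_text.splitlines():
        if m := SRCH.search(line):
            pending[m[1], m[2]] = {"base": m[3], "filter": m[5],
                                   "scope": SCOPES.get(m[4], m[4])}
        elif (m := RESULT.search(line)) and (m[1], m[2]) in pending:
            rec = pending.pop((m[1], m[2]))
            rec.update(err=int(m[3]), nentries=int(m[4]))
            done.append(rec)
    return done

def empty_lookups(searches):
    """Searches that returned success but no entry: the uid was never found."""
    return [s for s in searches if s["err"] == 0 and s["nentries"] == 0]

def md5_value_matches(stored, password):
    """Check a {MD5} userPassword value, restoring stripped '=' padding."""
    if not stored.startswith("{MD5}"):
        raise ValueError("not an {MD5} value")
    b64 = stored[len("{MD5}"):]
    b64 += "=" * (-len(b64) % 4)
    return base64.b64decode(b64) == hashlib.md5(password.encode()).digest()

if __name__ == "__main__":
    for s in empty_lookups(summarize_searches(SAMPLE_LOG)):
        print(f'{s["filter"]} under {s["base"]}: scope={s["scope"]}, no entries')
    print(md5_value_matches("{MD5}BsIZ5byDePOoo/g7S35GSQ", "mysecret"))
```

A base-scope search tests only the entry dc=mydomain,dc=net itself, which is what the log's "candidate entry 1 does not match filter" line records; the only BIND in the excerpt is the Manager bind, so the typed password was never checked against the directory.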
Doesn't anyone know?
Please help!!!
David

Why do people post the word "bump"?