04-20-2006, 12:48 AM   #1
Was working pam_ldap till sasl - what happened?

I googled all over, read a million howtos and forum posts - I am out of ideas. Been on this now for over 3 days; hope someone will be kind enough to help.

pam_ldap was working before I installed postfix, cyrus & sasl; now it doesn't anymore.
I have added a test file with uid and gid of the LDAP-User to a dir but it doesn't resolve, and su LDAP-User doesn't work either.
In syslog I can see that ldap gets searched when I do 'ls -l' on the folder with the test file but nothing gets returned.

"finger LDAP-User" & "getent passwd|grep LDAP-User" return the user data via nss_ldap just fine.

(The username has been changed it isn't LDAP-User)
(Running on Debian Sarge - new install)

Trying a ssh login gives me following error:
sshd[5077]: Illegal user LDAP-User from
sshd[5077]: (pam_unix) check pass; user unknown
sshd[5077]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
sshd[5077]: error: PAM: Authentication service cannot retrieve authentication info. for illegal user LDAP-User from
sshd[5077]: Failed keyboard-interactive/pam for illegal user LDAP-User from port 34721 ssh2

As you can see, according to auth.log it doesn't even seem to try pam_ldap, but when I look into syslog I can see slapd being searched for the user.

My setup is real basic at this point:
auth sufficient
auth required nullok_secure try_first_pass

# /etc/pam.d/common-account
account sufficient
account required try_first_pass

# /etc/pam.d/common-password
password sufficient
password required nullok obscure min=4 max=8 md5

base dc=pzzazz,dc=com
ldap_version 3
#I have added following to avoid LDAP acl conflicts
binddn cn=admin,dc=pzzazz,dc=com
bindpw secretPass
rootbinddn cn=admin,dc=pzzazz,dc=com
pam_password md5

Thank you for even reading this far.

Dennis Kaplan

Last edited by gruessle; 04-20-2006 at 12:55 AM.

