Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 12-15-2008, 02:48 PM   #1
LQ Newbie
Registered: Dec 2008
Posts: 1

Rep: Reputation: 0
PAM authentication failure

My PAM module seems to work right but it fails in authentication. Althought it can't authenticate, the session module works and the software who uses it executes well.

For example, when I login through "gdm" using pam to authenticate against an ldap server
/var/log/auth.log shows
pam_unix(gdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=myuser
pam_unix(gdm:session): session opened for user myuser by (uid=0)
Any ideas?

Last edited by capibolso; 12-16-2008 at 07:26 AM. Reason: improving reasons
Old 05-01-2013, 04:24 AM   #2
LQ Newbie
Registered: Apr 2013
Location: United Kingdom
Distribution: CentOS
Posts: 5

Rep: Reputation: Disabled
LDAP not being consulted during PAM authentication

Hi capibolso-

It's clear that your LDAP server is not being consulted as a source of authentication by PAM. Below is a specimen of what you should be seeing in your logs if PAM is using LDAP:

May 1 08:06:48 ns1 sshd[32592]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= user=myUsername
May 1 08:06:48 ns1 sshd[32592]: Accepted password for myUsername from port 60069 ssh2
May 1 08:06:48 ns1 sshd[32592]: pam_unix(sshd:session): session opened for user myUsername

The following are some HowTo's I bunged on my blog which you may find useful. Please note that the blog entries are geared towards more modern LDAP configurations and work with RHEL/CentOS 6+ . If you're using some ancient setup, you might find issues:

The first link details how to configure LDAP clients for PAM:

And the next link details how to unpick LDAP errors. The LDAP queries have to wind through various parts of the system for everything to work correctly. The trick is, knowing at what point things are breaking:

Hope this helps somebody out. LDAP is a monkey to be sure and it's really not been very well documented, hence my own efforts. LDAP is brilliant, but I can't believe how totally either absent, or just obtuse & unhelpful whatever has been written is.



auth, authentication, failure, gdm, linux, pam, session, unix

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
I need help with authentication PAM - SQUID karlag Linux - Server 10 08-19-2008 08:18 PM
PAM authentication onik Linux - Software 0 06-27-2008 03:59 AM
How does PAM Authentication Work? ejennings_98 Linux - Security 1 10-31-2003 03:29 PM
PAM User Login Authentication Failure robeb Linux - Security 5 11-16-2002 09:01 PM
NIS and pam/gdm authentication failure cquense Linux - Networking 0 07-05-2001 04:08 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 09:44 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration