No subject


Fri Jan 31 06:23:24 EST 2014 

>From suter  Thu Dec  6 13:51:09 2001
Return-Path: <majordom at caliburn.humbug.org.au>
Received: from diadora.client.uq.net.au (diadora-2 [10.0.1.2])
	by zwitterion.humbug.org.au (8.12.1/8.12.1/Debian -2) with ESMTP id fB63p8NT020016
	for <suter at zwitterion.humbug.org.au>; Thu, 6 Dec 2001 13:51:08 +1000
Received: from caliburn (mail at caliburn.humbug.org.au [203.15.51.6])
	by diadora.client.uq.net.au (8.12.1/8.12.1/Debian -2) with ESMTP id fB63p8vm031965
	for <suter at zwitterion.humbug.org.au>; Thu, 6 Dec 2001 13:51:08 +1000
Received: from majordom by caliburn with local (Exim 3.12 #1 (Debian))
	id 16BpKp-0000G8-00
	for <general-outgoing at lists.humbug.org.au>; Thu, 06 Dec 2001 13:36:31 +1000
Received: from service.qbssss.edu.au ([210.9.193.2])
	by caliburn with esmtp (Exim 3.12 #1 (Debian))
	id 16BpKl-0000G3-00
	for <general at lists.humbug.org.au>; Thu, 06 Dec 2001 13:36:28 +1000
Received: (from mail at localhost)
	by service.qbssss.edu.au (8.11.6/8.11.6) id fB63Z6f19743
	for general at lists.humbug.org.au.STORE; Thu, 6 Dec 2001 13:35:06 +1000
Received: from fsx.bssssq.edu.au ([147.132.156.14])
	by service.qbssss.edu.au (8.11.6/8.11.6) with ESMTP id fB63Z6j19738
	for <general at lists.humbug.org.au>; Thu, 6 Dec 2001 13:35:06 +1000
Received: from bssssq.edu.au (sysadmin.bssssq.edu.au [147.132.156.62])
	by fsx.bssssq.edu.au (8.11.6/8.11.6) with ESMTP id fB63YUc27761
	for <general at lists.humbug.org.au>; Thu, 6 Dec 2001 13:34:30 +1000
Message-ID: <3C0EE6E2.15F86535 at bssssq.edu.au>
Date: Thu, 06 Dec 2001 13:32:50 +1000
From: Robert Stuart <rstu at qbssss.edu.au>
Organization: Queensland Board of Senior Secondary School Studies
X-Mailer: Mozilla 4.78 [en] (X11; U; Linux 2.4.15SA-pre5 i686)
X-Accept-Language: en
MIME-Version: 1.0
To: general at lists.humbug.org.au
Subject: [H-GEN] problems with ldap authentication on solaris
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Precedence: bulk
Reply-To: general at lists.humbug.org.au
X-Loop: general at lists.humbug.org.au
List-Help: <mailto:majordomo at lists.humbug.org.au?subject=help>
List-Post: <mailto:general at lists.humbug.org.au>
List-Subscribe: <mailto: general-request at lists.humbug.org.au?subject=subscribe>
List-Id: semi-serious discussions about Humbug and Unix-related topics <general at lists.humbug.org.au>
List-Unsubscribe: <mailto: general-request at lists.humbug.org.au?subject=unsubscribe>
List-Archive: <http://archive.humbug.org.au/humbug-general/>
Sender: Majordomo <majordom at caliburn.humbug.org.au>
Status: RO
Content-Length: 2102
Lines: 66

[ Humbug *General* list - semi-serious discussions about Humbug and  ]
[ Unix-related topics.  Please observe the list's charter.           ]
[ Worthwhile understanding: http://www.humbug.org.au/netiquette.html ]

Hi all,

I'm having problems with Solaris 8 authenticating against a Openldap
server (2.0.18).
I have a Linux box authenticating ok however looking at slap logs, it
looks like pam on RH does an anonymous bind and grabs the pw field from
People, but Solaris tries to bind as the user.  The password fields are
encrypted with CRYPT not MD5.

I've changed around the pam.conf on Solaris so it has lines like:

login   auth sufficient /usr/lib/security/$ISA/pam_unix.so.1
login   auth required   /usr/lib/security/$ISA/pam_ldap.so.1
use_first_pass debug

and nsswitch.conf has:

passwd:     files ldap
group:      files ldap

Using ldaplist:

# ldaplist passwd ahen
dn: uid=ahen,ou=People,dc=qbssss,dc=edu

So the Solaris box can talk to the openldap server when querying..... 

Try telnetting to the local machine and it doesn't log on a ldap user;
the first set of syslog entries below is Solaris, the second is the RH
machine running slapd.  


Dec  6 13:22:08 pitman login: [ID 427203 auth.debug] pam_authenticate:
error Authentication failed
Dec  6 13:22:08 pitman login: [ID 905510 auth.debug] ldap
pam_sm_authenticate(telnet ahen), flags = 0


Dec  6 13:23:29 fsx slapd[13465]: daemon: conn=104 fd=19 connection from
IP=147.132.156.9:37592 (IP=0.0.0.0:34049) accepted. 
Dec  6 13:23:29 fsx slapd[15405]: conn=104 op=0 BIND
dn="UID=AHEN,OU=PEOPLE,DC=QBSSSS,DC=EDU" method=128 
Dec  6 13:23:29 fsx slapd[15405]: conn=104 op=0 RESULT tag=97 err=0
text= 
Dec  6 13:23:29 fsx slapd[13465]: deferring operation 
Dec  6 13:23:29 fsx slapd[15405]: conn=-1 fd=19 closed 

The "deferring operation" line looks a little odd.

Any suggestions?


Thanks
-- 
Robert Stuart
Ph: 61 7 3864 0364
Fax: 61 7 3221 2553

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.

More information about the General mailing list