Antwort: Re: [Samba] Smb-LDAP Authentification -- HowTo IDEALX
Jan_Riedel at gish.de
Jan_Riedel at gish.de
Wed Jul 24 01:15:02 GMT 2002
It isn´t working ...
Perhaps it is useful the LDAP request in the /var/log/messages:
Jul 24 12:15:25 degislx1 slapd[2530]: daemon: conn=306 fd=22 connection from
IP=127.0.0.1:33261 (IP=:: 389) accepted.
Jul 24 12:15:25 degislx1 slapd[2565]: conn=306 op=0 BIND dn="" method=128
Jul 24 12:15:25 degislx1 slapd[2565]: conn=306 op=0 RESULT tag=97 err=0 text=
Jul 24 12:15:25 degislx1 slapd[2620]: conn=306 op=1 SRCH base="dc=SAMBA,dc=org"
scope=2 filter="(uid=root)"
Jul 24 12:15:25 degislx1 slapd[2620]: conn=306 op=1 SEARCH RESULT tag=101 err=0
text=
Jul 24 12:15:25 degislx1 slapd[2565]: conn=306 op=2 SRCH base
="ou=Groups,dc=SAMBA,dc=org" scope=1 filter="(&(objectClass=posixGroup)
(|(memberUid=root)(uniqueMember=uid=root,ou=Users,dc=SAMBA,dc=ORG)))"
Jul 24 12:15:25 degislx1 slapd[2565]: conn=306 op=2 SEARCH RESULT tag=101 err=0
text=
"Markus Schabel"
<markus.schabel at t An: <samba at lists.samba.org>, <Jan_Riedel at gish.de>
gm.ac.at> Kopie:
Thema: Re: [Samba] Smb-LDAP Authentification -- HowTo IDEALX
24.07.2002 09:31
try changing your pam.d/sshd:
password sufficient pam_ldap.so use_authtok
greetz
----- Original Message -----
From: <Jan_Riedel at gish.de>
To: <samba at lists.samba.org>
Sent: Wednesday, July 24, 2002 9:15 AM
Subject: [Samba] Smb-LDAP Authentification -- HowTo IDEALX
>
> Hello All,
>
> I have a problem with the autentification using SAMBA and LDAP. I use the
> SMBLDAP HowTo from IDEALX , but I use SuSE 7.3 as distribution. I compiled
SAMBA
> 2.2.5 and use the OpenLDAP from the distribution. The problem is: I can´t
join
> the domain with W2K and I guess it is a problem with the authentification
with
> LDAP. Because when I use the example from the HowTo to create a user as:
> degislx1:> smbldap-useradd.pl -m -a smbtest
> degislx1:> smbldap-passwd.pl smbtest
>
> Setting the password and thn try to:
>
> degislx1:> ssh smbtest at degislx1
>
> After typing the password there is an error message called: Permisson
denied.
> And the /var/log/messages says:
> Jul 24 12:15:25 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle
passed
> Jul 24 12:15:27 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle
passed
> Jul 24 12:15:27 degislx1 sshd[6408]: Failed password for illegal user
smbtest
> from ::1 port 33262
> Jul 24 12:15:29 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle
passed
> Jul 24 12:15:29 degislx1 sshd[6408]: Failed password for illegal user
smbtest
> from ::1 port 33262
> Jul 24 12:15:30 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle
passed
> Jul 24 12:15:30 degislx1 sshd[6408]: Failed password for illegal user
smbtest
> from ::1 port 33262
> Jul 24 12:15:30 degislx1 sshd[6408]: Connection closed by ::1
>
> I have modified the pam module in /etc/pam.d/sshd to :
>
> #%PAM-1.0
> auth required pam_nologin.so
> auth sufficient pam_ldap.so
> auth required pam_unix.so use_first_pass # set_secrpc
> account required pam_unix.so
> password required pam_pwcheck.so
> password required pam_ldap.so use_authtok
> password required pam_unix.so use_first_pass use_authtok
> session required pam_unix.so
> session required pam_limits.so
> session required pam_env.so
> session optional pam_mail.so
>
> When I type in getent passwd I get all the users in passwd and LDAP tree
and I
> also change /etc/nsswitch.conf to required values...
>
> What can be the error ???
>
> Thx for your help,
> Jan
>
>
>
>
>
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list