12-05-2008
In your log, you used something called pamtest but it's not clear if you provided the password manually. If you did, that means you have to specify the password somewhere.
That's because, the LDAP client needs to authenticate itself against the server. It must do so with a username and password. This username and password are sometimes provided in the pam_ldap configuration file (depending on the specific PAM configuration). it might also be in the /etc/ldap.conf file (depending on the LDAP vendor).
9 More Discussions You Might Find Interesting
1. Ubuntu
I remember I could boot from terminal and then log into gnome as I pleased with Ubuntu. And since ubuntu derives from Debian I figured I would be able to do the same. Don't knwo shich file to edit though...
/Richard (3 Replies)
Discussion started by: riwa
3 Replies
2. Debian
Hi everybody,
I run a Debian samba-ldap server. Every thing works fine, but the only problem i have is
this error in my samba logs:
groupdb/mapping.c:pdb_create_builtin_alias(802)
pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
... (0 Replies)
Discussion started by: magge
0 Replies
3. UNIX for Advanced & Expert Users
Hello, I asked this question in the AIX subforum but never received an answer, probably because the AIX forum is not that heavily trafficked. Anyway, here it is..
I have never had any issues like this when compiling applications from source. When I try to compile samba-3.5.0pre2, configure runs... (9 Replies)
Discussion started by: raidzero
9 Replies
4. UNIX and Linux Applications
Hi,
i have a server installed samba+openldap (pdc). Need to migration windows server 2003 (active directory) object users, computers.
Where you can read how to do it? Or can tell me how to do it?
Thanks.
P.S. Sorry for bad english (0 Replies)
Discussion started by: ap0st0l
0 Replies
5. Windows & DOS: Issues & Discussions
Hello,
I've setup a ubuntu 10.04 server running samba 3.4.7 as domain controler / file server at a customer site, that works great most of the time but I face a random problem. Of course I'm never on the site when the problem occurs, so I cannot investigate in real time.
What happens is that... (2 Replies)
Discussion started by: Manu.b
2 Replies
6. Red Hat
I am working on configuring Samba with Remote LDAP for Authentications but facing issue on the same.
I googled for the this but most of the setup is to connect local Samba and LDAP with samba-ldap tools but in my case this is on a separate machines.
Please help me to configure this.
... (0 Replies)
Discussion started by: sunnysthakur
0 Replies
7. AIX
The KRB5ALDAP compound load module is giving me fits. Everything looks like it should be working, but no.
Goal: Integrate AIX host with Active Directory using a KRB5ALDAP compound load module so that users can be created in AD and used in AIX, with unix attributes (registry values) being... (2 Replies)
Discussion started by: jgeiger
2 Replies
8. Solaris
I have configured samba for working
with and external ldap(ad windows2003+openldap backend to obtain the same uid and gid on all linux machines)
On linux works perfect,and i get the same uid for a X user
on all machines.
On solaris11 and hpux 11.31 not
wbinfo -u works fine
wbinfo -g works... (0 Replies)
Discussion started by: Linusolaradm1
0 Replies
9. UNIX for Advanced & Expert Users
Hi,
I would like to configure samba with PEM (with LDAP). I've already found, on the server, configured the PAM Authentication(with LDAP) for ssh. I wanted to know if it was possible to configure PAM for to authenticate to another LDAP only for SAMBA.
Is possibile duplicate the... (2 Replies)
Discussion started by: mark888
2 Replies
LEARN ABOUT CENTOS
pam_ldap
pam_ldap(8) System Manager's Manual pam_ldap(8)
NAME
pam_ldap - PAM module for LDAP-based authentication
SYNOPSIS
pam_ldap.so [...]
DESCRIPTION
This is a PAM module that uses an LDAP server to verify user access rights and credentials.
OPTIONS
use_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and not prompt the user for a pass-
word.
try_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and if that fails prompt the user
for a password.
nullok Specifying this option allows users to log in with a blank password. Normally logins without a password are denied.
ignore_unknown_user
Specifies that the PAM module should return PAM_IGNORE for users that are not present in the LDAP directory. This causes the PAM
framework to ignore this module.
ignore_authinfo_unavail
Specifies that the PAM module should return PAM_IGNORE if it cannot contact the LDAP server. This causes the PAM framework to ig-
nore this module.
no_warn
Specifies that warning messages should not be propagated to the PAM application.
use_authtok
This causes the PAM module to use the earlier provided password when changing the password. The module will not prompt the user for
a new password (it is analogous to use_first_pass).
debug This option causes the PAM module to log debugging information to syslog(3).
minimum_uid=UID
This option causes the PAM module to ignore the user if the user id is lower than the specified value. This can be used to bypass
LDAP checks for system users (e.g. by setting it to 1000).
MODULE SERVICES PROVIDED
All services are provided by this module but currently sessions changes are not implemented in the nslcd daemon.
FILES
/etc/pam.conf
the main PAM configuration file
/etc/nslcd.conf
The configuration file for the nslcd daemon (see nslcd.conf(5))
SEE ALSO
pam.conf(5), nslcd(8), nslcd.conf(5)
AUTHOR
This manual was written by Arthur de Jong <arthur@arthurdejong.org>.
Version 0.8.13 May 2013 pam_ldap(8)