Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: PAM authentication failure
Top Forums UNIX for Advanced & Expert Users PAM authentication failure Post 302269096 by Cass67 on Tuesday 16th of December 2008 10:25:56 PM
Old 12-16-2008
Quote:
Originally Posted by capibolso
My PAM module seems to work right but it fails in authentication. Althought it can't authenticate, the session module works and the software who uses it executes well.

For example, when I login through "gdm" using pam to authenticate against an ldap server
/var/log/auth.log shows



Any ideas?

Your trying to log in via root user ? Possibly this is due to some restrictions in root user logins in your config ....... There is not much else to go on with what your trying to do or you OS/setup to help more ...
 

10 More Discussions You Might Find Interesting

1. Programming

PAM Authentication Sample

Hi, I am a Linux / Unix newbie c programmer. I have a c/c++ daemon server that will receive authentication (userid / password) from a windows client. All I want to do is authenticate the user via PAM API - i.e. user must exist on the Unix / Linux system + password must be validated. ... (1 Reply)
Discussion started by: vineshp
1 Replies

2. UNIX for Advanced & Expert Users

pam ldap limit authentication

I have a linux machine which authenticate users to ldap, this is working fine. But I would like to limit users that logon to the machines to just the system admins. The machines hosts different web sites which users accessed from there home directory like http://foo.mdx.ac.uk/~username At the... (0 Replies)
Discussion started by: hassan1
0 Replies

3. Solaris

nisplus and pam authentication

HI, There is a user having problem when he try to login to solaris box, it works after few tried. What may be the problem? PAM authentication Password: PAM authentication Password: PAM authentication New Password: (1 Reply)
Discussion started by: mokkan
1 Replies

4. Solaris

Soalris 10 PAM Radius authentication Module

Hello Group, I'm facing Problem with the configuration of "***pam_radius_auth.so.1***" module to be integrated with Freeradius and Funk Steel Belted Radius. Both this radius servers are able to make "Access-Accept" packet. But the SSH or Telnet client is not able to login to the system with the... (0 Replies)
Discussion started by: ImpeccableCode
0 Replies

5. Red Hat

PAM configuration: Kerberos authentication and NIS authorization problem

Hi, I've configured two linux boxes to authenticate against Windows Active Directory using Kerberos while retrieving authorization data (uids, gids ,,,)from NIS. The problem I ran into with my PAM configuration is that all authentication attempts succeed in order.i.e. if someone tried his... (0 Replies)
Discussion started by: geek.ksa
0 Replies

6. SCO

Authentication problems with Active Directory/Samba/Winbind/Pam

Hi all. I'm having real trouble authenticating users against active directory for my SCO UnixWare 7.1.4 box running samba 3.0.24 (installed via Maintenance pack 4). I can list AD users/groups (after overcoming several hiccups) with wbinfo -g / wbinfo -u. I can use id to get a view an ad user ie:... (0 Replies)
Discussion started by: silk600
0 Replies

7. UNIX for Advanced & Expert Users

PAM authentication.

I have applied pam authentication for local users as highlighted in below file. # cat /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so... (0 Replies)
Discussion started by: pinga123
0 Replies

8. Solaris

SSH and PAM authentication issues on Solaris 10

This is a zone running Solaris 10u8 on a 6320 blade. The global zone is also running 10u8. One my users is attempting to change his password and getting a following screen: $ ssh remotesys Password: Warning: Your password has expired, please change it now. New Password: Re-enter new... (1 Reply)
Discussion started by: bluescreen
1 Replies

9. SuSE

Authentication with PAM

Hello all, I recently updated PAM policy files (pam_authz.policy) on HP-UX Servers with AD groups involving allowing and denying the certain groups.. Could anyone tell me what is the equivalent mechanism in SLES(Linux)? Is it possible to allow/deny AD group access with the SLES LDAP... (0 Replies)
Discussion started by: lcclaj0
0 Replies

10. UNIX for Advanced & Expert Users

Crontab authentication failure

Dear all, I noticed in syslog that i receive authentication failure from cron: Mar 11 23:19:01 s1 CRON28789]: Authentication failure Mar 11 23:19:01 s1 cron: Authentication failure Mar 11 23:19:01 s1 cron: Authentication failure Mar 11 23:19:01 s1 CRON: Authentication failure Mar 11... (3 Replies)
Discussion started by: mydove
3 Replies

LEARN ABOUT HPUX

pam_authenticate

pam_authenticate(3)					     Library Functions Manual					       pam_authenticate(3)

NAME

       pam_authenticate - perform authentication within the PAM framework

SYNOPSIS

       [ flag ... ] file ...  [ library ... ]

DESCRIPTION

       is  called  to  authenticate  the current user.	The user is usually required to enter a password or similar authentication token depending
       upon the authentication service configured within the system. In the case of smart card authentication this  token  would  be  a  (Personal
       Identification  Number).  The user in question should have been specified by a prior call to or The following flags may be set in the flags
       field:

	      Authentication service should not generate any messages

	      The authentication service should return
		     if the user has a null authentication token

APPLICATION USAGE

       Refer to pam(3) for information on thread-safety of PAM interfaces.

NOTES

       In the case of authentication failures due to an incorrect username or password, it is the responsibility of the application to	retry  and
       to maintain the retry count.  An authentication service module may implement an internal retry count and return an error if the module does
       not want the application to retry.

       If the PAM framework can not load the authentication module, then it will return This indicates a serious failure and that the  application
       should not attempt to retry the authentication.

       For  security  reasons,	the  location  of  authentication  failures is hidden from the user.  Thus, if several authentication services are
       stacked and a single service fails, requires that the user re-authenticate to all the services.

       A null authentication token in the authentication database will result in successful authentication unless was specified.  In  such  cases,
       there will not be any prompting for the user to enter an authentication token.

       The  authentication can be done through a smart card. In this case the user plugs their smart card in the smart card reader and is required
       to enter their smart card PIN.

RETURN VALUES

       Upon successful completion, is returned.  In addition to the error return values described in pam(3), the following values may be returned:

       Authentication failure.

       Can not access authentication data due to insufficient credentials.

       Underlying authentication service can not retrieve authentication information.

       User not known to the underlying authentication module.

       An authentication service has maintained a retry count which
				       has been reached. No further retries should be attempted.

SEE ALSO

       pam(3), pam_start(3), pam_open_session(3), pam_setcred(3).

															       pam_authenticate(3)
All times are GMT -4. The time now is 08:45 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy