Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

ldap+samba+gdm trouble

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users ldap+samba+gdm trouble
# 1  
Old 12-04-2008
ldap+samba+gdm trouble
I'm having troubles setting up a client(with Ubuntu 8.10) for a ldap+samba server. I can't authenticate through the client with gdm, the messages I have in /etc/auth.log at the client is

Dec 4 14:21:56 myuser-mydesktop gdm[14815]: nss_ldap: failed to bind to LDAP server ldap://192.168.0.1: Invalid credentials
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: nss_ldap: could not connect to any LDAP server as cn=administrator,dc=foo,dc=com - Can't contact LDAP server
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: nss_ldap: failed to bind to LDAP server ldapi:///192.168.0.1: Can't contact LDAP server
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: nss_ldap: failed to bind to LDAP server ldap://192.168.0.1/: Invalid credentials
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: nss_ldap: could not search LDAP server - Server is unavailable
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: pam_unix(gdm:auth): check pass; user unknown
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: pam_unix(gdm:auth): authentication failure; logname= uid=0 euid=0 tty=:20 ruser= rhost=
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: nss_ldap: failed to bind to LDAP server ldap://192.168.0.1: Invalid credentials
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: nss_ldap: could not connect to any LDAP server as cn=administrator,dc=foo,dc=com - Can't contact LDAP server
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: nss_ldap: failed to bind to LDAP server ldapi:///192.168.0.1: Can't contact LDAP server
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: nss_ldap: failed to bind to LDAP server ldap://192.168.0.1/: Invalid credentials
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: nss_ldap: could not search LDAP server - Server is unavailable
Dec 4 14:21:56 myuser-mydesktop gdm[14815]: gkr-pam: error looking up user information

But
finger ldapuser
getent passwd | grep ldapuser
both works fine and

pamtest passwd ldapuser
Trying to authenticate ldapuser for service passwd.
Password:******
Authentication successful.

pamtest login ldapuser
Trying to authenticate ldapuser for service login.
Password:******
Authentication successful

Any help would be appreciated!
Last edited by capibolso; 12-04-2008 at 06:37 PM..
# 2  
Old 12-05-2008
Is gdm running as root? This might be necessary. Or it must be in the same group that has access to whatever pam configuration file is used.
# 3  
Old 12-05-2008
gdm is running with right permissions, the major problem is that it can't validate credentials although distinguished name is fine

gdm[14815]: nss_ldap: failed to bind to LDAP server ldap://192.168.0.1/: Invalid credentials

any help with that?
# 4  
Old 12-05-2008
In your log, you used something called pamtest but it's not clear if you provided the password manually. If you did, that means you have to specify the password somewhere.

That's because, the LDAP client needs to authenticate itself against the server. It must do so with a username and password. This username and password are sometimes provided in the pam_ldap configuration file (depending on the specific PAM configuration). it might also be in the /etc/ldap.conf file (depending on the LDAP vendor).
# 5  
Old 12-05-2008
pamtest doesn't appear on the log file, I write the ouput of their execution.
As the pamtest manual says:

Quote:
pamtest is a utility to test authentication through PAM. It will try to
authenticate against the pecified service, and print a message if this
was successful or not.
So I can athenticate through PAM...
Gdm is an interactive login (by default beside you can change that), so the username and password are entered that way.. the problem is that it only recognizes local users, no one from the server who has ldap service running
# 6  
Old 12-06-2008
No one outside the "local" server can authenticate against LDAP?? But gdm is trying to reach the LOCAL ldap server. Are you running LDAP locally or on another server? If the second answer, then again, check the LDAP config.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Configure samba with PAM point 2 different LDAP

Hi, I would like to configure samba with PEM (with LDAP). I've already found, on the server, configured the PAM Authentication(with LDAP) for ssh. I wanted to know if it was possible to configure PAM for to authenticate to another LDAP only for SAMBA. Is possibile duplicate the... (2 Replies)
Discussion started by: mark888
2 Replies

2. Solaris

Samba idmap ldap: works perfect on Linux,bad on Solaris and hpux

I have configured samba for working with and external ldap(ad windows2003+openldap backend to obtain the same uid and gid on all linux machines) On linux works perfect,and i get the same uid for a X user on all machines. On solaris11 and hpux 11.31 not wbinfo -u works fine wbinfo -g works... (0 Replies)
Discussion started by: Linusolaradm1
0 Replies

3. AIX

Trouble with Kerberos/LDAP and AIX 6.1

The KRB5ALDAP compound load module is giving me fits. Everything looks like it should be working, but no. Goal: Integrate AIX host with Active Directory using a KRB5ALDAP compound load module so that users can be created in AD and used in AIX, with unix attributes (registry values) being... (2 Replies)
Discussion started by: jgeiger
2 Replies

4. Red Hat

Configure Samba with Remote LDAP for Authentications.

I am working on configuring Samba with Remote LDAP for Authentications but facing issue on the same. I googled for the this but most of the setup is to connect local Samba and LDAP with samba-ldap tools but in my case this is on a separate machines. Please help me to configure this. ... (0 Replies)
Discussion started by: sunnysthakur
0 Replies

5. Windows & DOS: Issues & Discussions

Samba trouble shoot / workaround ?

Hello, I've setup a ubuntu 10.04 server running samba 3.4.7 as domain controler / file server at a customer site, that works great most of the time but I face a random problem. Of course I'm never on the site when the problem occurs, so I cannot investigate in real time. What happens is that... (2 Replies)
Discussion started by: Manu.b
2 Replies

6. UNIX and Linux Applications

Server migration from samba+ldap to windows server 2003

Hi, i have a server installed samba+openldap (pdc). Need to migration windows server 2003 (active directory) object users, computers. Where you can read how to do it? Or can tell me how to do it? Thanks. P.S. Sorry for bad english (0 Replies)
Discussion started by: ap0st0l
0 Replies

7. UNIX for Advanced & Expert Users

Compiling Samba from Source on AIX, Active Directory, LDAP, Kerberos

Hello, I asked this question in the AIX subforum but never received an answer, probably because the AIX forum is not that heavily trafficked. Anyway, here it is.. I have never had any issues like this when compiling applications from source. When I try to compile samba-3.5.0pre2, configure runs... (9 Replies)
Discussion started by: raidzero
9 Replies

8. Debian

Samba LDAP NT_STATUS_GROUP_EXISTS

Hi everybody, I run a Debian samba-ldap server. Every thing works fine, but the only problem i have is this error in my samba logs: groupdb/mapping.c:pdb_create_builtin_alias(802) pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS) ... (0 Replies)
Discussion started by: magge
0 Replies

9. Ubuntu

Turn off GDM boot-up?

I remember I could boot from terminal and then log into gnome as I pleased with Ubuntu. And since ubuntu derives from Debian I figured I would be able to do the same. Don't knwo shich file to edit though... /Richard (3 Replies)
Discussion started by: riwa
3 Replies
Login or Register to Ask a Question