Skip to Main Content
Forums

Security Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

native solaris ldap user auth failing

807573Apr 25 2006 — edited May 3 2006
I just set up ds52p4 on solaris 9 server.
On the client side, I'm running sol 10 (update 1 from 01/2006).
I initialized the ldap client successfully.
I also imported the following /etc files: hosts, passwd, shadow, group
and I can successfully run getent & ldaplist to pull/display the data that's been entered.
However, when I try to login on the client side its failing...
Permission denied (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).

here's a copy of the logs...I've xxx'd out some of the info for user, hostname & IP data for obvious reasons. If anyone can assist by stepping thru the logs that would be greatly appreciated.

[25/Apr/2006:16:49:25 -0400] conn=480 op=17 msgId=18 - SRCH base="ou=people,o=xxxx.com" scope=1 filter="(&(objectClass=posixAccount)(uid=yyyyy))" attrs="cn uid uidNumber gidNumber gecos description homeDirectory loginShell"
[25/Apr/2006:16:49:25 -0400] conn=480 op=17 msgId=18 - RESULT err=0 tag=101 nentries=1 etime=0
[25/Apr/2006:16:49:27 -0400] conn=480 op=18 msgId=19 - SRCH base="ou=hosts,o=xxxx.com" scope=1 filter="(&(objectClass=ipHost)(ipHostNumber=zzz.aa.17.36))" attrs="cn ipHostNumber"
[25/Apr/2006:16:49:27 -0400] conn=480 op=18 msgId=19 - RESULT err=0 tag=101 nentries=1 etime=0
[25/Apr/2006:16:49:27 -0400] conn=480 op=19 msgId=20 - SRCH base="ou=people,o=xxxx.com" scope=1 filter="(&(objectClass=posixAccount)(uid=yyyyy))" attrs="cn uid uidNumber gidNumber gecos description homeDirectory loginShell"
[25/Apr/2006:16:49:27 -0400] conn=480 op=19 msgId=20 - RESULT err=0 tag=101 nentries=1 etime=0
[25/Apr/2006:16:49:27 -0400] conn=505 op=-1 msgId=-1 - fd=35 slot=35 LDAP connection from zzz.aa.16.50 to zzz.aa.17.204
[25/Apr/2006:16:49:27 -0400] conn=505 op=0 msgId=1 - BIND dn="cn=proxyagent,ou=profile,o=xxxx.com" method=128 version=3
[25/Apr/2006:16:49:27 -0400] conn=505 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=proxyagent,ou=profile,o=xxxx.com"
[25/Apr/2006:16:49:27 -0400] conn=505 op=1 msgId=2 - SRCH base="ou=people,o=xxxx.com" scope=1 filter="(&(objectClass=posixAccount)(uid=yyyyy))" attrs="cn uid uidNumber gidNumber gecos description homeDirectory loginShell"
[25/Apr/2006:16:49:27 -0400] conn=505 op=1 msgId=2 - RESULT err=0 tag=101 nentries=1 etime=0
[25/Apr/2006:16:49:27 -0400] conn=505 op=2 msgId=3 - UNBIND
[25/Apr/2006:16:49:27 -0400] conn=505 op=2 msgId=-1 - closing - U1
[25/Apr/2006:16:49:27 -0400] conn=506 op=-1 msgId=-1 - fd=40 slot=40 LDAP connection from zzz.aa.16.50 to zzz.aa.17.204
[25/Apr/2006:16:49:27 -0400] conn=505 op=-1 msgId=-1 - closed.
[25/Apr/2006:16:49:27 -0400] conn=506 op=0 msgId=1 - BIND dn="cn=proxyagent,ou=profile,o=xxxx.com" method=128 version=3
[25/Apr/2006:16:49:27 -0400] conn=506 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=proxyagent,ou=profile,o=xxxx.com"
[25/Apr/2006:16:49:27 -0400] conn=506 op=1 msgId=2 - SRCH base="ou=people,o=xxxx.com" scope=1 filter="(&(objectClass=shadowAccount)(uid=yyyyy))" attrs="uid userPassword shadowFlag"
[25/Apr/2006:16:49:27 -0400] conn=506 op=1 msgId=2 - RESULT err=0 tag=101 nentries=1 etime=0
[25/Apr/2006:16:49:27 -0400] conn=506 op=2 msgId=3 - UNBIND
[25/Apr/2006:16:49:27 -0400] conn=506 op=2 msgId=-1 - closing - U1
[25/Apr/2006:16:49:27 -0400] conn=507 op=-1 msgId=-1 - fd=35 slot=35 LDAP connection from zzz.aa.16.50 to zzz.aa.17.204
[25/Apr/2006:16:49:27 -0400] conn=506 op=-1 msgId=-1 - closed.
[25/Apr/2006:16:49:27 -0400] conn=507 op=0 msgId=1 - BIND dn="cn=proxyagent,ou=profile,o=xxxx.com" method=128 version=3
[25/Apr/2006:16:49:27 -0400] conn=507 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=proxyagent,ou=profile,o=xxxx.com"
[25/Apr/2006:16:49:27 -0400] conn=507 op=1 msgId=2 - SRCH base="ou=people,o=xxxx.com" scope=1 filter="(&(objectClass=posixAccount)(uid=yyyyy))" attrs="cn uid uidNumber gidNumber gecos description homeDirectory loginShell"
[25/Apr/2006:16:49:27 -0400] conn=507 op=1 msgId=2 - RESULT err=0 tag=101 nentries=1 etime=0
[25/Apr/2006:16:49:27 -0400] conn=507 op=2 msgId=3 - UNBIND
[25/Apr/2006:16:49:27 -0400] conn=507 op=2 msgId=-1 - closing - U1
[25/Apr/2006:16:49:27 -0400] conn=508 op=-1 msgId=-1 - fd=40 slot=40 LDAP connection from zzz.aa.16.50 to zzz.aa.17.204
[25/Apr/2006:16:49:27 -0400] conn=507 op=-1 msgId=-1 - closed.
[25/Apr/2006:16:49:27 -0400] conn=508 op=0 msgId=1 - BIND dn="cn=proxyagent,ou=profile,o=xxxx.com" method=128 version=3
[25/Apr/2006:16:49:27 -0400] conn=508 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=proxyagent,ou=profile,o=xxxx.com"
[25/Apr/2006:16:49:27 -0400] conn=508 op=1 msgId=2 - SRCH base="ou=people,o=xxxx.com" scope=1 filter="(&(objectClass=shadowAccount)(uid=yyyyy))" attrs="uid userPassword shadowFlag"
[25/Apr/2006:16:49:27 -0400] conn=508 op=1 msgId=2 - RESULT err=0 tag=101 nentries=1 etime=0
[25/Apr/2006:16:49:27 -0400] conn=508 op=2 msgId=3 - UNBIND
[25/Apr/2006:16:49:27 -0400] conn=508 op=2 msgId=-1 - closing - U1
[25/Apr/2006:16:49:27 -0400] conn=508 op=-1 msgId=-1 - closed.
[25/Apr/2006:16:49:27 -0400] conn=480 op=20 msgId=21 - SRCH base="ou=people,o=xxxx.com" scope=1 filter="(&(objectClass=SolarisUserAttr)(uid=yyyyy))" attrs="uid SolarisUserQualifier SolarisAttrReserved1 SolarisAttrReserved2 SolarisAttrKeyValue"
[25/Apr/2006:16:49:27 -0400] conn=480 op=20 msgId=21 - RESULT err=0 tag=101 nentries=0 etime=0
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on May 31 2006
Added on Apr 25 2006
#identity-management, #oracle-unified-directory-oud-oracle-directory-server-enterprise-edition-sun-dsee
14 comments
428 views