Skip to Main Content
Forums

Infrastructure Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

SSH LDAP Authentication

807557Feb 7 2010 — edited Feb 9 2010
Hi Forum,

Could you please help me , I installed latest patch cluster on Solaris 10 and after that somehow SSH/LDAP is not authentication users, before installing patchset everything was working fine.

OS: Solaris 10
Patch Cluster: 20th Jan 2010
uname -a: SunOS test 5.10 Generic_142900-03 sun4u sparc SUNW,Netra-440

LDAP is working though, I can run the commands like ldaplist,getent,id,finger. Even I can su to ldap user once I login to root and then login to another user providing the password. What I get in /var/adm/messages

Feb 8 13:19:23 test sshd[23566]: [ID 800047 auth.error] error: PAM: No account present for user for ahmedf from 10.110.2.13
Feb 8 13:23:09 test sshd[24588]: [ID 800047 auth.error] error: PAM: No account present for user for ahmedf from cuba.drives.rta.nsw.gov.au
Feb 8 13:25:08 test sshd[25391]: [ID 836641 auth.error] pam_unix_cred: cannot get passwd entry for user = fungvt
Feb 8 13:25:08 test sshd[25351]: [ID 800047 auth.crit] fatal: login_get_lastlog: Cannot find account for uid 5116
Feb 8 13:25:08 test sshd[25351]: [ID 800047 auth.crit] fatal: login_init_entry: Cannot find user "fungvt"
Feb 8 13:32:28 test sshd[27576]: [ID 800047 auth.error] error: PAM: No account present for user for ahmedf from cuba.drives.rta.nsw.gov.au

I debugged PAM and here is the result

Feb 8 13:09:20 test sshd[20416]: [ID 639905 auth.debug] tid= 1: userID=cn=proxyagent,ou=profile,dc=drives,dc=rta,dc=nsw,dc=gov,dc=au
Feb 8 13:09:20 test sshd[20418]: [ID 595676 auth.debug] PAM[20418]: pam_set_item(95b30:conv)
Feb 8 13:09:20 test sshd[20418]: [ID 490433 auth.debug] PAM[20418]: pam_authenticate(95b30, 0)
Feb 8 13:09:20 test sshd[20418]: [ID 609636 auth.debug] PAM[20418]: load_modules(95b30, pam_sm_authenticate)=/usr/lib/security/pam_authtok_get.so.1
Feb 8 13:09:20 test sshd[20418]: [ID 425601 auth.debug] PAM[20418]: pam_get_user(95b30, fefb49b0, NULL)
Feb 8 13:09:20 test sshd[20418]: [ID 293258 auth.warning] libsldap: Status: 81 Mesg: openConnection: simple bind failed - Can't contact LDAP server
Feb 8 13:09:20 test last message repeated 1 time
Feb 8 13:09:20 test sshd[20418]: [ID 292100 auth.warning] libsldap: could not remove 163.189.222.66 from servers list
Feb 8 13:09:20 test sshd[20418]: [ID 293258 auth.warning] libsldap: Status: 7 Mesg: Session error no available conn.
Feb 8 13:09:22 test sshd[20418]: [ID 595676 auth.debug] PAM[20418]: pam_set_item(95b30:authtok)
Feb 8 13:09:22 test last message repeated 1 time
Feb 8 13:09:22 test sshd[20418]: [ID 293258 auth.warning] libsldap: Status: 81 Mesg: openConnection: simple bind failed - Can't contact LDAP server
Feb 8 13:09:22 test last message repeated 1 time
Feb 8 13:09:22 test sshd[20418]: [ID 292100 auth.warning] libsldap: could not remove 163.189.222.66 from servers list
Feb 8 13:09:22 test sshd[20418]: [ID 293258 auth.warning] libsldap: Status: 7 Mesg: Session error no available conn.
Feb 8 13:09:22 test sshd[20418]: [ID 281939 auth.debug] PAM[20418]: pam_authenticate(95b30, 0): error No account present for user
Feb 8 13:09:22 test sshd[20418]: [ID 293258 auth.warning] libsldap: Status: 7 Mesg: Session error no available conn.
Feb 8 13:09:22 test sshd[20418]: [ID 219349 auth.debug] pam_unix_auth: user ahmedf not found
Feb 8 13:09:22 test sshd[20418]: [ID 281939 auth.debug] PAM[20418]: pam_authenticate(95b30, 0): error No account present for user
Feb 8 13:09:22 test sshd[20418]: [ID 293258 auth.warning] libsldap: Status: 7 Mesg: Session error no available conn.
Feb 8 13:09:22 test sshd[20418]: [ID 281939 auth.debug] PAM[20418]: pam_authenticate(95b30, 0): error System error
Feb 8 13:09:22 test sshd[20418]: [ID 595676 auth.debug] PAM[20418]: pam_set_item(95b30:authtok)
Feb 8 13:09:22 test sshd[20416]: [ID 800047 auth.error] error: PAM: No account present for user for ahmedf from cuba.drives.rta.nsw.gov.au
Feb 8 13:09:22 test sshd[20437]: [ID 349916 auth.debug] PAM[20437]: pam_set_item(95b30:conv)
Feb 8 13:09:22 test sshd[20437]: [ID 739973 auth.debug] PAM[20437]: pam_authenticate(95b30, 0)
Feb 8 13:09:22 test sshd[20437]: [ID 155434 auth.debug] PAM[20437]: load_modules(95b30, pam_sm_authenticate)=/usr/lib/security/pam_authtok_get.so.1
Feb 8 13:09:22 test sshd[20437]: [ID 467656 auth.debug] PAM[20437]: pam_get_user(95b30, fefb49b0, NULL)
Feb 8 13:09:22 test sshd[20437]: [ID 293258 auth.warning] libsldap: Status: 7 Mesg: Session error no available conn.


Please help me, before patch cluster all was working.

Regards,

RTA
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Mar 9 2010
Added on Feb 7 2010
#oracle-solaris, #solaris-10
6 comments
1,880 views