Unable to login with pam_ldap

807573 Aug 23 2006 — edited Sep 5 2006
Hello!

I am trying to use pam_ldap for login on my Solaris systems. But even after hours of reading the documentation I cannot figure out what is wrong. The steps I took:

- Installed Sun Java System Directory Server
- Configured the password policy
- Added a user to ou=people
- Changed pam.conf on the client as described at http://docs.sun.com/app/docs/doc/816-4556/6maort2tb?a=view
- Initialized the client with "ldapclient manual -a domainName=$DOMAIN -a defaultSearchBase=$SEARCHBASE -a serviceAuthenticationMethod=pam_ldap:simple $SERVER_IP"

With ldapsearch on the client I am able to see the user entry. But logging in does not work. Here is the output of syslog:

[...]
[auth.debug] PAM[21582]: load_modules(8a158, pam_sm_authenticate)=/usr/lib/security/pam_ldap.so.1
[auth.debug] PAM[21582]: load_function: successful load of pam_sm_authenticate
[auth.debug] PAM[21582]: pam_get_user(8a158, ff253d00, NULL)
[auth.debug] debug1: got 1 responses
[auth.debug] debug1: PAM conv function returns PAM_SUCCESS
[auth.debug] PAM[21582]: pam_set_item(8a158:authtok)
last message repeated 1 time
[auth.debug] PAM[21582]: pam_authenticate(8a158, 0): error Authentication failed
[...]

The access log of the directory server:

conn=34 op=2 msgId=3 - SRCH base="ou=people,$SEARCHBASE" scope=1 filter="(&(objectClass=SolarisUserAttr)(uid=$USERNAME))" attrs="uid solarisuserqualifier solarisattrreserved1 solarisattrreserved2 solarisattrkeyvalue"
conn=34 op=2 msgId=3 - RESULT err=0 tag=101 nentries=0 etime=0
conn=73 op=-1 msgId=-1 - fd=59 slot=59 LDAP connection from $CLIENT_IP to $SERVER_IP
conn=73 op=0 msgId=1 - SRCH base="ou=people,$SEARCHBASE" scope=1 filter="(&(objectClass=posixAccount)(uid=$USERNAME))" attrs=ALL
conn=73 op=0 msgId=1 - RESULT err=0 tag=101 nentries=1 etime=0
conn=73 op=1 msgId=2 - UNBIND
conn=73 op=1 msgId=-1 - closing - U1
conn=74 op=-1 msgId=-1 - fd=66 slot=66 LDAP connection from $CLIENT_IP to $SERVER_IP
conn=73 op=-1 msgId=-1 - closed.
conn=74 op=0 msgId=1 - BIND dn="uid=$USERNAME,ou=People,$SEARCHBASE" method=128 version=3
conn=74 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=$USERNAME,ou=people,$SEARCHBASE"
conn=74 op=1 msgId=2 - UNBIND
conn=74 op=1 msgId=-1 - closing - U1
conn=74 op=-1 msgId=-1 - closed.
conn=75 op=-1 msgId=-1 - fd=59 slot=59 LDAP connection from $CLIENT_IP to $SERVER_IP
conn=75 op=0 msgId=1 - SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedSASLMechanisms"
conn=75 op=0 msgId=1 - RESULT err=0 tag=101 nentries=1 etime=0
conn=75 op=1 msgId=2 - UNBIND
conn=75 op=1 msgId=-1 - closing - U1
conn=75 op=-1 msgId=-1 - closed.

Now I do not know what to try next. Any hints?

TIA
Stephan
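
An added example, not part of the original post: a short Python parser for access-log lines in the format shown above. It pairs each SRCH and BIND with its RESULT by (conn, op), so the server-side outcome of every step of a login attempt can be read off. The sample lines are copied from the post with its placeholders; the function names are assumptions of this example.

```python
import re

# Lines copied from the directory server access log in the post (placeholders kept).
SAMPLE = '''conn=34 op=2 msgId=3 - SRCH base="ou=people,$SEARCHBASE" scope=1 filter="(&(objectClass=SolarisUserAttr)(uid=$USERNAME))" attrs="uid solarisuserqualifier solarisattrreserved1 solarisattrreserved2 solarisattrkeyvalue"
conn=34 op=2 msgId=3 - RESULT err=0 tag=101 nentries=0 etime=0
conn=73 op=0 msgId=1 - SRCH base="ou=people,$SEARCHBASE" scope=1 filter="(&(objectClass=posixAccount)(uid=$USERNAME))" attrs=ALL
conn=73 op=0 msgId=1 - RESULT err=0 tag=101 nentries=1 etime=0
conn=73 op=1 msgId=2 - UNBIND
conn=74 op=0 msgId=1 - BIND dn="uid=$USERNAME,ou=People,$SEARCHBASE" method=128 version=3
conn=74 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=$USERNAME,ou=people,$SEARCHBASE"
conn=74 op=1 msgId=2 - UNBIND
'''

LINE = re.compile(r'^conn=(\d+) op=(-?\d+) msgId=-?\d+ - (\w+)\s*(.*)$')
KV = re.compile(r'(\w+)=("[^"]*"|\S+)')  # key=value, value optionally quoted


def pair_operations(lines):
    """Return SRCH/BIND operations, each merged with the err and nentries
    of its RESULT line. Lines of different connections may be interleaved,
    so operations are keyed by (conn, op) rather than by position."""
    ops = {}
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        conn, op, verb, rest = int(m[1]), int(m[2]), m[3], m[4]
        fields = {k: v.strip('"') for k, v in KV.findall(rest)}
        if verb in ("SRCH", "BIND"):
            ops[(conn, op)] = {"conn": conn, "op": op, "type": verb, **fields}
        elif verb == "RESULT" and (conn, op) in ops:
            # err is the LDAP result code; 0 means success.
            ops[(conn, op)].update(err=int(fields["err"]),
                                   nentries=int(fields["nentries"]))
    return list(ops.values())


def bind_outcomes(ops):
    """List (bind DN, LDAP result code) for every BIND that has a RESULT."""
    return [(o["dn"], o["err"]) for o in ops if o["type"] == "BIND" and "err" in o]


if __name__ == "__main__":
    for o in pair_operations(SAMPLE.splitlines()):
        what = o.get("dn") or o.get("filter")
        print(f'conn={o["conn"]} {o["type"]} {what} err={o.get("err")} nentries={o.get("nentries")}')
```
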