Re: cannot login after ldap setup

From: AK (aktrader2@excite.com)
Date: 03/28/03


From: AK <aktrader2@excite.com>
Date: Fri, 28 Mar 2003 05:31:18 GMT

joe dekk wrote:
> I have a remote server running sshd -- behind
> firewall and private network. It was working
> before I changed three files so that I can
> authenticate _guest_ ftp users against an ldap
> database. (These ftp users won't have ssh
> access since their log in shells will be
> /sbin/nologin) In any case I can no longer log
> in to this server anymore with _real_ users
> who have entries in /etc/passwd files and proper
> shells. For example I could log in with public
> key before and now the same account is now
> blocked.
>
> Here is the tail end of "ssh -v". Can someone
> tell me what this problem might be?
> ------
> debug1: ssh-userauth2 successful: method publickey
> debug1: channel 0: new [client-session]
> debug1: send channel open 0
> debug1: Entering interactive session.
> debug1: channel_free: channel 0: client-session, nchannels 1
> Connection to up closed by remote host.
> Connection to up closed.
> debug1: Transferred: stdin 0, stdout 0, stderr 67 bytes in 0.0 seconds
> debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 76658.5
> debug1: Exit status -1
> ---------
> System is running redhat 8.0 and sshd_config has not been
> changed.
>
> I changed these three files
>
> /etc/sysconfig/authconfig
> /etc/pam.d/system-auth
> /etc/nsswitch.conf
> -----------
>
> What I don't understand is that even if ldap authentication is
> not working why can't users with entries in /etc/passwd, say,
> log in to this system?
>
> Thanks
>

Does nsswitch.conf have files before LDAP options for usernames and
passwords? Did you recompile OpenSSH to use LDAP for authentication?

AK
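
One way to check the lookup order AK asks about, as an added example that is not part of the original posts: a shell function that reads an nsswitch.conf and reports, for passwd, shadow and group, whether a local source is listed before ldap. The function name, the status words and the sample file are assumptions made for illustration; it checks source order only, not /etc/pam.d/system-auth.

```shell
#!/bin/sh
# check_nss_order FILE  (hypothetical helper, not from the thread)
# Prints "<db> <status>" for passwd, shadow and group:
#   ok          local source (files/compat) precedes ldap, or ldap is unused
#   ldap-first  ldap is consulted before the local source
#   no-files    ldap is listed and no local source is present
#   missing     the database has no line in FILE
check_nss_order() {
    awk '
    BEGIN {
        n = split("passwd shadow group", want, " ")
        for (i = 1; i <= n; i++) status[want[i]] = "missing"
    }
    {
        sub(/#.*/, "")                      # drop comments
        c = index($0, ":")
        if (c == 0) next
        db = substr($0, 1, c - 1)
        gsub(/[ \t]/, "", db)
        if (!(db in status)) next           # only the three databases above
        rest = substr($0, c + 1)
        gsub(/\[[^]]*\]/, " ", rest)        # drop [NOTFOUND=return] style actions
        local_pos = 0; ldap_pos = 0
        m = split(rest, src, " ")
        for (i = 1; i <= m; i++) {
            if ((src[i] == "files" || src[i] == "compat") && !local_pos) local_pos = i
            if (src[i] == "ldap" && !ldap_pos) ldap_pos = i
        }
        if (!ldap_pos || (local_pos && local_pos < ldap_pos)) status[db] = "ok"
        else if (local_pos) status[db] = "ldap-first"
        else status[db] = "no-files"
    }
    END { for (i = 1; i <= n; i++) print want[i], status[want[i]] }
    ' "$1"
}

# Constructed sample input (not the poster's file): passwd lists ldap first.
sample=$(mktemp)
cat > "$sample" <<'EOF'
passwd:     ldap files
shadow:     files ldap
group:      files [NOTFOUND=return] ldap
hosts:      files dns
EOF
check_nss_order "$sample"
rm -f "$sample"
```

On the server itself the function would be run against /etc/nsswitch.conf.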


