Subject: RHEL 3.8 LDAP Auth Failure

Mailing List

Home

Forum Home

Linux - General Red Hat Linux discussion list

Installation - Getting started with Red Hat Linux

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	Subject: application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	Subject: X Windows problem (xauth)
•	Subject: Upgrading openoffice 1 1 rpm
•	Subject: FTP: connection refused
•	Subject: FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	Subject: broadcom network interface
•	make mrproper
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	sendmail configuration on redhat
•	kernel 2 6 and /dev/sound/mixer not found
•	Subject: Promise 378 controller
•	Subject: Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	Subject: Lotus Notes under Wine
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	rpm database corrupt
•	Command stream end of file while reading
•	qla2300 modules

Subject: RHEL 3.8 LDAP Auth Failure

Subject: RHEL 3.8 LDAP Auth Failure

2007-05-04 - By Joshua M. Miller

Back

Reply: 1 2 3 4 5

Turns out the problem is with the ACL on the ldap server. For some
reason RHEL 3.8 attempts to bind to the LDAP server to retrieve the
password anonymously unlike the other Linux distros that we use
configured the exact same way.

Anyone know why this might be?

Thanks,
--
Joshua M. Miller - RHCE,VCP

Joshua M. Miller wrote:
> Good morning,
>
> I have a redhat 3.8 host that I am unable to authenticate to with an
> LDAp account after upgrading OpenLDAP (2.0.27 -> 2.3.34). All local
> accounts authenticate, but directory accounts fail. I am using the same
> configuration on ~100 hosts, including RHEL2.1/CentOS 2/3/4 hosts and I
> have 2 RHEL 3.8 hosts which do not work. Configs are pushed via
> cfengine to ensure correctness and homogeneity.
>
> I think it may be a problem with pam not falling through from pam_unix
> to pam_ldap but the config is the same on all hosts.
>
> #cat /etc/pam.d/system-auth
> auth required /lib/security/$ISA/pam_env.so debug
> auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
> debug
> auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
> debug
> auth required /lib/security/$ISA/pam_deny.so debug
>
> account sufficient /lib/security/$ISA/pam_unix.so debug
> account sufficient /lib/security/$ISA/pam_ldap.so debug
>
> password required /lib/security/$ISA/pam_cracklib.so retry=3
> type= debug
> password sufficient /lib/security/$ISA/pam_unix.so nullok
> use_authtok md5 shadow debug
> password sufficient /lib/security/$ISA/pam_ldap.so use_authtok debug
> password required /lib/security/$ISA/pam_deny.so debug
>
> session required /lib/security/$ISA/pam_limits.so debug
> session required /lib/security/$ISA/pam_unix.so debug
> session optional /lib/security/$ISA/pam_ldap.so debug
>
>
> Has anybody experienced this issue? I've attached logs to this email.
>
> TIA,
>
>
> -- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----
>
> --
> Taroon-list mailing list
> Taroon-list@(protected)
> https://www.redhat.com/mailman/listinfo/taroon-list

--
Taroon-list mailing list
Taroon-list@(protected)
https://www.redhat.com/mailman/listinfo/taroon-list