 | | | PAM troubleshooting | PAM troubleshooting 2006-03-30 - By redhat@(protected)
Back
I am trying to troubleshoot what appears to be a PAM issue with LDAP
authentication. I can authenticate find with ldap, but when I try to su
- I get an access denied with nothing logged in any of the log files.
This seems to happen when the "pam_check_host_attr" is on in the
ldap.conf file. The only way I can get around this is to change
"required" to "sufficient" in the account section of
/etc/pam.d/system-auth for the pam_unix module (/etc/pam.d/su uses
system-auth). This is required on some systems and on identically
configure systems it is not. I would like to enable debugging for pam.
I have tried to add the debug option to the end of the pam_unix and
pam_ldap module, but I don't seem to see any more syslog output than
when it was not there. I also added the following line to syslog.conf:
" *.debug,authpriv.* /var/log/mydebug"
I even tried "*.* /var/log/mydebug" with no increase in pam logging.
Is something else required to get pam debug messages?
Thanks
__ ____ ____ ____ ____ ____ ____ ____ ____ ____
Redhat-install-list mailing list
Redhat-install-list@(protected)
https://www.redhat.com/mailman/listinfo/redhat-install-list
To Unsubscribe Go To ABOVE URL or send a message to:
redhat-install-list-request@(protected)
Subject: unsubscribe
|
|
|