Jan_Riedel@gish.de
2002-Jul-24 00:20 UTC
[Samba] Smb-LDAP Authentification -- HowTo IDEALX
Hello All, I have a problem with the autentification using SAMBA and LDAP. I use the SMBLDAP HowTo from IDEALX , but I use SuSE 7.3 as distribution. I compiled SAMBA 2.2.5 and use the OpenLDAP from the distribution. The problem is: I can?t join the domain with W2K and I guess it is a problem with the authentification with LDAP. Because when I use the example from the HowTo to create a user as: degislx1:> smbldap-useradd.pl -m -a smbtest degislx1:> smbldap-passwd.pl smbtest Setting the password and thn try to: degislx1:> ssh smbtest@degislx1 After typing the password there is an error message called: Permisson denied. And the /var/log/messages says: Jul 24 12:15:25 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed Jul 24 12:15:27 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed Jul 24 12:15:27 degislx1 sshd[6408]: Failed password for illegal user smbtest from ::1 port 33262 Jul 24 12:15:29 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed Jul 24 12:15:29 degislx1 sshd[6408]: Failed password for illegal user smbtest from ::1 port 33262 Jul 24 12:15:30 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handle passed Jul 24 12:15:30 degislx1 sshd[6408]: Failed password for illegal user smbtest from ::1 port 33262 Jul 24 12:15:30 degislx1 sshd[6408]: Connection closed by ::1 I have modified the pam module in /etc/pam.d/sshd to : #%PAM-1.0 auth required pam_nologin.so auth sufficient pam_ldap.so auth required pam_unix.so use_first_pass # set_secrpc account required pam_unix.so password required pam_pwcheck.so password required pam_ldap.so use_authtok password required pam_unix.so use_first_pass use_authtok session required pam_unix.so session required pam_limits.so session required pam_env.so session optional pam_mail.so When I type in getent passwd I get all the users in passwd and LDAP tree and I also change /etc/nsswitch.conf to required values... What can be the error ??? Thx for your help, Jan
try changing your pam.d/sshd: password sufficient pam_ldap.so use_authtok greetz ----- Original Message ----- From: <Jan_Riedel@gish.de> To: <samba@lists.samba.org> Sent: Wednesday, July 24, 2002 9:15 AM Subject: [Samba] Smb-LDAP Authentification -- HowTo IDEALX> > Hello All, > > I have a problem with the autentification using SAMBA and LDAP. I use the > SMBLDAP HowTo from IDEALX , but I use SuSE 7.3 as distribution. I compiledSAMBA> 2.2.5 and use the OpenLDAP from the distribution. The problem is: I can?tjoin> the domain with W2K and I guess it is a problem with the authentificationwith> LDAP. Because when I use the example from the HowTo to create a user as: > degislx1:> smbldap-useradd.pl -m -a smbtest > degislx1:> smbldap-passwd.pl smbtest > > Setting the password and thn try to: > > degislx1:> ssh smbtest@degislx1 > > After typing the password there is an error message called: Permissondenied.> And the /var/log/messages says: > Jul 24 12:15:25 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handlepassed> Jul 24 12:15:27 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handlepassed> Jul 24 12:15:27 degislx1 sshd[6408]: Failed password for illegal usersmbtest> from ::1 port 33262 > Jul 24 12:15:29 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handlepassed> Jul 24 12:15:29 degislx1 sshd[6408]: Failed password for illegal usersmbtest> from ::1 port 33262 > Jul 24 12:15:30 degislx1 sshd[6408]: PAM pam_set_item: NULL pam handlepassed> Jul 24 12:15:30 degislx1 sshd[6408]: Failed password for illegal usersmbtest> from ::1 port 33262 > Jul 24 12:15:30 degislx1 sshd[6408]: Connection closed by ::1 > > I have modified the pam module in /etc/pam.d/sshd to : > > #%PAM-1.0 > auth required pam_nologin.so > auth sufficient pam_ldap.so > auth required pam_unix.so use_first_pass # set_secrpc > account required pam_unix.so > password required pam_pwcheck.so > password required pam_ldap.so use_authtok > password required pam_unix.so use_first_pass use_authtok > session required pam_unix.so > session required pam_limits.so > session required pam_env.so > session optional pam_mail.so > > When I type in getent passwd I get all the users in passwd and LDAP treeand I> also change /etc/nsswitch.conf to required values... > > What can be the error ??? > > Thx for your help, > Jan > > > > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >