From: Slava Dubrovskiy <slava@elan.com.ua>
To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
Subject: Re: [Sysadmins] Изменения файлов в /etc/pam.d/* для работы с pam_ldap
Date: Tue, 01 Aug 2006 17:32:15 +0300
Message-ID: <44CF65EF.3060900@elan.com.ua> (raw)
In-Reply-To: <20060801102438.GH23205@immo.ru>
[-- Attachment #1.1: Type: text/plain, Size: 570 bytes --]
Alexey I. Froloff пишет:
>> Уже понятней, но неужели надо настолько менять все что в /etc/pam.d/ ?
>> Боязно как-то. Неужели в ALT настолько другой pam, что для настройки
>> pam_ldap необходимо так его переделывать.
>>
> Не всё, а только то, что пользуется pam_tcb минуя system-auth.
>
Спасибо. Уже понятней. Но все равно не работает :-(
Сделал все как в статье написано.
Пытаюсь зайти пользователем который есть в системе и нет в LDAP
Спрашивает пароль 2 раза.
Лог прилагаю.
Что я сделал не правильно?
--
С уважением,
Дубровский Вячеслав.
[-- Attachment #1.2: ldap_login.log --]
[-- Type: text/x-log, Size: 1982 bytes --]
Aug 1 17:28:26 serv slapd[7947]: conn=27 fd=15 ACCEPT from IP=127.0.0.1:55527 (IP=0.0.0.0:389)
Aug 1 17:28:26 serv slapd[8723]: conn=27 op=0 BIND dn="cn=Manager,dc=elan,dc=ua" method=128
Aug 1 17:28:26 serv slapd[8723]: conn=27 op=0 BIND dn="cn=Manager,dc=elan,dc=ua" mech=SIMPLE ssf=0
Aug 1 17:28:26 serv slapd[8723]: conn=27 op=0 RESULT tag=97 err=0 text=
Aug 1 17:28:26 serv slapd[8723]: conn=27 op=1 SRCH base="ou=Users,dc=elan,dc=ua" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=slava))"
Aug 1 17:28:26 serv slapd[8723]: conn=27 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Aug 1 17:28:26 serv slapd[8723]: conn=27 op=2 SRCH base="ou=Computers,dc=elan,dc=ua" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=slava))"
Aug 1 17:28:26 serv slapd[8723]: conn=27 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
Aug 1 17:28:37 serv login[9013]: pam_tcb(login:auth): Authentication passed for slava from (uid=0)
Aug 1 17:28:37 serv slapd[8723]: conn=27 op=3 BIND anonymous mech=implicit ssf=0
Aug 1 17:28:37 serv slapd[8723]: conn=27 op=3 BIND dn="cn=Manager,dc=elan,dc=ua" method=128
Aug 1 17:28:37 serv slapd[8723]: conn=27 op=3 BIND dn="cn=Manager,dc=elan,dc=ua" mech=SIMPLE ssf=0
Aug 1 17:28:37 serv slapd[8723]: conn=27 op=3 RESULT tag=97 err=0 text=
Aug 1 17:28:37 serv slapd[8723]: conn=27 op=4 SRCH base="ou=Users,dc=elan,dc=ua" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=slava))"
Aug 1 17:28:37 serv slapd[8723]: conn=27 op=4 SEARCH RESULT tag=101 err=0 nentries=0 text=
Aug 1 17:28:37 serv slapd[8723]: conn=27 op=5 SRCH base="ou=Computers,dc=elan,dc=ua" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=slava))"
Aug 1 17:28:37 serv slapd[8723]: conn=27 op=5 SEARCH RESULT tag=101 err=0 nentries=0 text=
Aug 1 17:28:37 serv slapd[8723]: conn=27 op=6 UNBIND
Aug 1 17:28:37 serv slapd[8723]: conn=27 fd=15 closed
Aug 1 17:28:37 serv login[9013]: pam_tcb(login:session): Session opened for slava by (uid=0)
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/x-pkcs7-signature, Size: 3237 bytes --]
next prev parent reply other threads:[~2006-08-01 14:32 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-08-01 9:49 Slava Dubrovskiy
2006-08-01 9:57 ` Anton Gorlov
2006-08-01 10:16 ` Slava Dubrovskiy
2006-08-01 10:18 ` Anton Gorlov
2006-08-01 10:24 ` Alexey I. Froloff
2006-08-01 14:32 ` Slava Dubrovskiy [this message]
2006-08-01 14:39 ` Alexey I. Froloff
2006-08-01 14:55 ` Slava Dubrovskiy
2006-08-01 15:02 ` Slava Dubrovskiy
2006-08-01 19:56 ` Mikhail Pokidko
2006-08-02 6:10 ` Dmitriy L. Kruglikov
2006-08-02 7:11 ` Slava Dubrovskiy
2006-08-03 10:21 ` [Sysadmins] Распределение по vserver'ам was [Изменения файлов в /etc/pam.d/* для работы с pam_ldap] Slava Dubrovskiy
2006-08-03 10:33 ` [Sysadmins] Распределение по контейнерам Dmitry V. Levin
2006-08-03 10:43 ` Slava Dubrovskiy
2006-08-03 11:54 ` Dmitry V. Levin
2006-08-03 12:23 ` Slava Dubrovskiy
2006-08-03 12:41 ` Dmitry V. Levin
2006-08-03 13:58 ` Anton Gorlov
2006-08-03 14:06 ` Dmitry V. Levin
2006-08-03 14:06 ` Slava Dubrovskiy
2006-08-04 6:26 ` Slava Dubrovskiy
2006-08-04 8:03 ` Slava Dubrovskiy
2006-08-04 9:48 ` Dmitry V. Levin
2006-08-04 9:58 ` Slava Dubrovskiy
2006-08-04 11:34 ` Slava Dubrovskiy
2006-08-05 9:25 ` Konstantin A. Lepikhov
2006-08-07 20:30 ` Dmitry V. Levin
2006-08-04 15:36 ` Igor Zubkov
2006-08-04 15:41 ` Slava Dubrovskiy
2006-08-03 15:10 ` Konstantin A. Lepikhov
2006-08-03 15:13 ` Slava Dubrovskiy
2006-08-03 16:01 ` Konstantin A. Lepikhov
2006-08-03 15:29 ` Aleksey Avdeev
2006-08-03 17:51 ` Dmitry V. Levin
2006-08-03 19:40 ` Aleksey Avdeev
2006-08-03 15:44 ` Sergey S. Skulachenko
2006-08-03 18:31 ` Dmitry Derjavin
2006-08-03 19:17 ` Konstantin A. Lepikhov
2006-08-03 19:50 ` Dmitry V. Levin
2006-08-03 20:26 ` Dmitry Derjavin
2006-08-03 21:01 ` Dmitry V. Levin
2006-08-04 9:22 ` Eugene Prokopiev
2006-08-04 9:44 ` Dmitry V. Levin
2006-08-05 8:12 ` Eugene Prokopiev
2006-08-05 9:10 ` Michael Shigorin
2006-08-06 13:58 ` Eugene Prokopiev
2006-08-06 14:22 ` Michael Shigorin
2006-08-06 15:57 ` Nikolay A. Fetisov
2006-08-06 18:32 ` Michael Shigorin
2006-08-06 15:06 ` Sergey S. Skulachenko
2006-08-06 18:31 ` [Sysadmins] [OT] " Michael Shigorin
2006-08-07 5:29 ` [Sysadmins] " Eugene Prokopiev
2006-08-08 9:00 ` Sergey S. Skulachenko
2006-08-07 20:33 ` Dmitry V. Levin
2006-08-03 13:23 ` [Sysadmins] Распределение по vserver'ам was [Изменения файлов в /etc/pam.d/* для работы с pam_ldap] Aleksey Avdeev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44CF65EF.3060900@elan.com.ua \
--to=slava@elan.com.ua \
--cc=sysadmins@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux sysadmins discussion
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sysadmins/0 sysadmins/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sysadmins sysadmins/ http://lore.altlinux.org/sysadmins \
sysadmins@lists.altlinux.org sysadmins@lists.altlinux.ru sysadmins@lists.altlinux.com
public-inbox-index sysadmins
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sysadmins
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git