From: Joerg Pulz
To: Andrew MacTaggart
Cc: freebsd-net@freebsd.org
Date: Fri, 20 Jan 2006 08:36:20 +0100 (CET)
Subject: Re: nss_ldap and pam_ldap troubles
Message-ID: <20060120083440.H1074@hades.admin.frm2>
List-Id: Networking and TCP/IP with FreeBSD

On Fri, 20 Jan 2006, Andrew MacTaggart wrote:

> having trouble getting nss_ldap and pam_ldap to work.
>
> running freebsd 5.4
> ldap - edirectory - remote server
> ldapsearch works
>
> installed nss_ldap
> installed pam_ldap
> change parameters in ldap.conf and nss_ldap.conf
> host 10.x.x.x
> base o=mybase
> basspw = XXXXXXXXXXXX
>
> nsswitch.conf
>
> group: files ldap
> passwd: files ldap
>
> pam.d/sshd
>
> auth sufficient /usr/local/lib/pam_ldap.so no_warn try_first_pass
>
> can't figure out how to enable logging
>
> ssh fails but it takes longer like it is querying something.
>
> need help on how to enable logging for pam_ldap and nss_ldap
>
> need to know where I am making a mistake.
>
> debug would be helpful.

Try the following lines in nss_ldap.conf and ldap.conf:

logdir /var/log
debug 9

Now you should get a separate file for every process which is using either
pam_ldap or nss_ldap.

Joerg

--
The beginning is the most important part of the work.
-Plato