From owner-freebsd-questions@FreeBSD.ORG Thu Aug 9 21:30:33 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DAA0216A418 for ; Thu, 9 Aug 2007 21:30:33 +0000 (UTC) (envelope-from admin2@enabled.com) Received: from typhoon.enabled.com (typhoon.enabled.com [216.218.220.21]) by mx1.freebsd.org (Postfix) with ESMTP id BF62B13C4DE for ; Thu, 9 Aug 2007 21:30:33 +0000 (UTC) (envelope-from admin2@enabled.com) Received: from 33.sub-70-212-255.myvzw.com (natint3.juniper.net [66.129.224.36]) (authenticated bits=0) by typhoon.enabled.com (8.14.1/8.14.1) with ESMTP id l79LUUGg067132 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 9 Aug 2007 14:30:32 -0700 (PDT) (envelope-from admin2@enabled.com) Message-ID: <46BB8770.1020707@enabled.com> Date: Thu, 09 Aug 2007 14:30:24 -0700 From: Noah User-Agent: Thunderbird 2.0.0.6 (Macintosh/20070728) MIME-Version: 1.0 To: Andy Harrison References: <46BB69EF.9070400@enabled.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: User Questions Subject: Re: Issues while authenticating a user over openLDAP using PAM_ldap [cured] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2007 21:30:33 -0000 see below Andy Harrison wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > > On 8/9/07, Noah wrote: >> running FreeBSD 6.2 Stable >> >> we have openLDAP installed on a server called access1. Users on access1 >> appear to not be able to ssh to access1. The ssh authentication method >> uses PAM ldap. PAM_ldap reports "Invalid credentials" in /var/log/messages >> >> We have another server called access2 that authenticates to the the ldap >> server running on access1. those users log in via ssh without issue on >> access2. >> >> I am trying to track down what is broken. I am not even sure how to >> receive verbose logging from PAM and/or PAM_ldap. Any assistance is >> much appreciated. >> >> > > What about your nsswitch.conf file? thanks Andy - that was it! I matched the lines of access1's nsswitch.conf to access2's nsswitch.conf file and things are fine! > > - -- > Andy Harrison > public key: 0x67518262 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.4-svn0 (GNU/Linux) > Comment: http://firegpg.tuxfamily.org > > iD8DBQFGu3FBNTm8fWdRgmIRAoAQAJ4ocG7HEisT2k82NeoRzf1r0XKVawCg+Hrf > l+t2S41Im4TNPEoE8HF3jDc= > =aI1r > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"