pam_ldap

Ahoj,

na Ubuntu 6.06 pouzivam k autentifikaci pam_ldap.so, ktery taha informace z Active Directory. Vsichni useri maji pridana unixova rozsireni (homedir, uid, ...) Prislusne casti konfiguracnich souboru vypadaji takto:

/etc/nsswitch.conf:

passwd:         compat ldap
group:          compat ldap
shadow:         compat ldap

/etc/pam.d/common-auth:

auth    sufficient      pam_ldap.so
auth    required        pam_unix.so nullok_secure

/etc/pam.d/common-account:

account sufficient      pam_ldap.so
account required        pam_unix.so

/etc/pam.d/common-session:

session sufficient      pam_ldap.so
session required        pam_unix.so
session required        pam_mkhomedir.so skel=/etc/skel/ umask=0022
session optional        pam_foreground.so

/etc/pam.d/common-password:

password   sufficient pam_ldap.so
password   required   pam_unix.so nullok obscure min=4 max=8 md5

Problem je v tom, ze autentifikace se zdari az pote, co usera vytvorim lokalne na linuxove masine. Pritom overeni probehne pomoci hesla z AD. Pokud ho odeberu z linuxu, autentifikace se nezdari. V /var/log/auth.log vypise nasledujici hlasku:

Aug  3 11:54:35 Apolon sshd[2554]: Invalid user karel from 192.168.1.102
Aug  3 11:54:35 Apolon sshd[2554]: Failed none for invalid user karel from 192.168.1.102 port 38221 ssh2
Aug  3 11:54:38 Apolon sshd[2554]: pam_ldap: error trying to bind as user "CN=Novak Karel,OU=Recepcni,OU=nasefirma,OU=firma,DC=praha,DC=nasefirma,DC=cz" (Invalid credentials)
Aug  3 11:54:38 Apolon sshd[2554]: (pam_unix) check pass; user unknown
Aug  3 11:54:38 Apolon sshd[2554]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.102
Aug  3 11:54:40 Apolon sshd[2554]: Failed password for invalid user karel from 192.168.1.102 port 38221 ssh2

Nejake napady, co je spatne? Dik

Dotaz: pam_ldap