Bug 114509
| Summary: | sshd fails authentication with pam_ldap | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Glen Eustace <g.eustace> | ||||||||
| Component: | openssh | Assignee: | Nalin Dahyabhai <nalin> | ||||||||
| Status: | CLOSED NOTABUG | QA Contact: | Brian Brock <bbrock> | ||||||||
| Severity: | medium | Docs Contact: | |||||||||
| Priority: | medium | ||||||||||
| Version: | 1 | ||||||||||
| Target Milestone: | --- | ||||||||||
| Target Release: | --- | ||||||||||
| Hardware: | i386 | ||||||||||
| OS: | Linux | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2004-01-30 01:26:39 UTC | Type: | --- | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Attachments: |
|
||||||||||
Created attachment 97313 [details]
nsswitch
Created attachment 97314 [details]
ldap.conf
Created attachment 97315 [details]
system-auth
Query send to ADS
--------------------
Lightweight Directory Access Protocol
Message Id: 2
Message Type: Search Request (0x03)
Message Length: 104
Base DN: ou=Staff,ou=Clients,dc=massey,dc=ac,dc=nz
Scope: Subtree (0x02)
Dereference: Never (0x00)
Size Limit: 1
Time Limit: 0
Attributes Only: False
Filter: (&(objectclass=User)(msSFUName=NOUSER))
This not a bug, running sshd in debug showed that the shell for the user in ldap was invalid on the system running sshd. Using a user that has a valid shell for the system concerned works fine. |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (compatible; Konqueror/3.1) Description of problem: nss_ldap successfully retrieves data from MS ADS using getpwnam() which would indicate that nsswitch.conf and ldap.conf are ok. When authconfig has setup system-auth file, sshd fails to find user. The query being passed to LDAP is looking for NOUSER. Version-Release number of selected component (if applicable): nss_ldap-207-6,openssh-3.6.1p2-19 How reproducible: Always Steps to Reproduce: 1. Run authconfig and select LDAP 2. Attempt ssh to localhost Actual Results: Login declined, invalid user. Additional info: