From Bugzilla Helper: User-Agent: Mozilla/5.0 (compatible; Konqueror/3.1) Description of problem: nss_ldap successfully retrieves data from MS ADS using getpwnam() which would indicate that nsswitch.conf and ldap.conf are ok. When authconfig has setup system-auth file, sshd fails to find user. The query being passed to LDAP is looking for NOUSER. Version-Release number of selected component (if applicable): nss_ldap-207-6,openssh-3.6.1p2-19 How reproducible: Always Steps to Reproduce: 1. Run authconfig and select LDAP 2. Attempt ssh to localhost Actual Results: Login declined, invalid user. Additional info:
Created attachment 97313 [details] nsswitch
Created attachment 97314 [details] ldap.conf
Created attachment 97315 [details] system-auth
Query send to ADS -------------------- Lightweight Directory Access Protocol Message Id: 2 Message Type: Search Request (0x03) Message Length: 104 Base DN: ou=Staff,ou=Clients,dc=massey,dc=ac,dc=nz Scope: Subtree (0x02) Dereference: Never (0x00) Size Limit: 1 Time Limit: 0 Attributes Only: False Filter: (&(objectclass=User)(msSFUName=NOUSER))
This not a bug, running sshd in debug showed that the shell for the user in ldap was invalid on the system running sshd. Using a user that has a valid shell for the system concerned works fine.