Red Hat Bugzilla – Bug 328361
Account has same username as group name failed to login LDAP enabled machine
Last modified: 2010-07-01 13:08:42 EDT
Description of problem:
When a user has the same username as a group name in the LDAP directory, the user
can't authenticate successfully when trying to log into the LDAP-enabled machine,
either by console or ssh.
If the account is duplicated and the username and uid are then changed, the same
password works fine.
Version-Release number of selected component (if applicable):
This happens to RHEL5 only. RHEL4.x works fine.
Steps to Reproduce:
1. Create an account with a username that is the same as a primary group name in LDAP.
2. Configure /etc/ldap.conf, /etc/openldap/ldap.conf
3. Try to log into the machine as the user
I can't reproduce this here with a test user whose primary group has the same
name as the user, using either pam_ldap or pam_krb5 for checking passwords.
Are you also using a different module which might be denying the user's attempts
to log in? Can you attach the contents of your /etc/ldap.conf,
/etc/pam.d/login, /etc/pam.d/sshd, and /etc/pam.d/system-auth files? Is there
anything in /var/log/messages or /var/log/secure which might provide a clue?
Closing. If you have additional data please reopen.