Red Hat Bugzilla – Bug 97676
GDM LDAP User Authentication Fails
Last modified: 2007-03-27 00:07:11 EDT
Description of problem:
GDM authentication fails for LDAP user log in sessions.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Configure a Red Hat Linux 9.0 LDAP server:
2. Configure a Red Hat Linux 9.0 LDAP client:
3. If no user accounts were added to the LDAP database with the migration tools,
then add a test user account.
4. Create a local home directory for the LDAP user on the LDAP client host.
5. Confirm there is no local account for the LDAP user on the LDAP client host.
6. Log in without GDM (su, ssh, a tty login screen, etc.) to confirm it works.
7. Log in with GDM login window to verify failure.
User log in error message.
Log in to GDM session with LDAP user account.
An excerpt from the /var/log/messages file on the LDAP client system is
The first four lines show GDM log in failures for the testuser0 account which
is the LDAP user account. Then it is followed by successful testuser0 log in
sessions from the login (tty1), su, and sshd utilities.
To illustrate that GDM does work for local accounts, I used my gdonnell local
account to log into a GDM session. The log file has successful log in messages
for my gdonnell local account.
Created attachment 92479
Do not use TLS encryption on the LDAP client host because it does not work.
I reported this in the 97675 ticket.
I resolved the problem. When I got TLS encryption to work, I was able to log
in from the GDM login screen. I figured that GDM requires TLS encryption to
be enabled. For security reasons, this is very good.
In the 97675 ticket, I documented how I used the 51352 ticket to resolve the
TLS encryption problem in the 97675 ticket.
The TLS encryption requirement for GDM to authenticate with LDAP should be
documented. Maybe I overlooked it. I did not see this in the Red Hat
Reference Guide or LDAP Linux HOWTO.
*** This bug has been marked as a duplicate of 51352 ***