Re: trouble with pam-ldap

[Jeremy Brown]

OK, as per the suggestions given, I've changed my pam config files to read:
/etc/pam.d/common-account:
account sufficient pam_ldap.so
account required pam_unix.so try_first_pass
/etc/pam.d/common-auth:
auth sufficient pam_ldap.so
auth required pam_unix.so try_first_pass
/etc/pam.d/common-session:
session sufficient pam_ldap.so
session required pam_unix.so try_first_pass
/etc/pam.d/common-password:
password   sufficient pam_ldap.so
password   sufficient pam_unix.so try_first_pass nullok obscure min=4 
max=8 md5

Also, I modified nsswitch.conf to read:
passwd:         files ldap
group:          files ldap
shadow:         files ldap
hosts:          files dns
networks:       files
protocols:      db files
services:       db files
ethers:         db files
rpc:            db files
netgroup:       nis
Now I can log in as jeremy.brown (although my home directory doesn't 
exist on this machine), but once logged in my user name becomes "I have 
no name!":

login as: jeremy.brown
Password:
Last login: Wed Oct 13 10:44:16 2004 from 172.28.2.124
Could not chdir to home directory /home/jeremy.brown: No such file or 
directory
I have no [EMAIL PROTECTED]:/$


Again, here are entries written to "/var/log/auth.log" while I'm logging in:
Oct 13 10:44:45 localhost sshd[3531]: Accepted keyboard-interactive/pam 
for jeremy.brown from ::ffff:172.28.2.124 port 1291 ssh2
Oct 13 10:44:45 localhost sshd[3531]: nss_ldap: reconnecting to LDAP 
server...
Oct 13 10:44:45 localhost sshd[3531]: nss_ldap: reconnected to LDAP 
server after 1 attempt(s)

I thought maybe this was a problem with my LDAP structure, but oddly 
enough I can chown a file to "jeremy.brown", and it works:

file2:/tmp# touch testfile
file2:/tmp# ls -l testfile
-rw-r--r--  1 root root 0 Oct 13 10:48 testfile
file2:/tmp# chown jeremy.brown testfile
file2:/tmp# ls -l testfile
-rw-r--r--  1 jeremy.brown root 0 Oct 13 10:48 testfile
file2:/tmp# chown fake.user testfile
chown: `fake.user': invalid user
To me this indicates that nss_ldap is working.  So why can't bash figure 
out my username when I log in?

Thanks in advance,
Jeremy
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]