On Apr 17, 2009, at 11:04 PM, Panos wrote:
hello I'm trying to setup an ldap for authenticating users.
I think that the ldap server is ok
but ssh gives me an error PAM authntication error illigal user XXX
from XXX.XXX.XXX.XXX
I think that something is wrong when pam-ldap is quering tο ldap.
Fisrt I thounght that was acl problem so I tried something like this
access * by * write
full access to alla but nothing.
When I'm using phpldadmin to connet to ldap I have no problem,
[snip]
Apr 18 00:01:05 FreeBSD slapd[1336]: conn=0 fd=11 ACCEPT from
IP=127.0.0.1:51667 (IP=0.0.0.0:389)
Apr 18 00:01:05 FreeBSD slapd[1336]: conn=0 op=0 BIND
dn="cn=manager,dc=something,dc=something,dc=something" method=128
Apr 18 00:01:05 FreeBSD slapd[1336]: conn=0 op=0 BIND
dn="cn=manager,dc=something,dc=something,dc=something" mech=SIMPLE
ssf=0
Apr 18 00:01:05 FreeBSD slapd[1336]: conn=0 op=0 RESULT tag=97 err=0
text=
Apr 18 00:01:05 FreeBSD slapd[1336]: conn=0 op=1 SRCH
base="ou=users,dc=something,dc=something,dc=something" scope=2
deref=0 filter="(&(?objectClass=possixAccount)(uid=ldap_test))"
Apr 18 00:01:05 FreeBSD slapd[1336]: conn=0 op=1 SEARCH RESULT
tag=101 err=0 nentries=0 text=value does not conform to assertion
syntax
Apr 18 00:01:05 FreeBSD slapd[1336]: conn=0 fd=11 closed (connection
lost)
I suggest you have a look at the LDAP filter.
The log above shows:
(&(?objectClass=possixAccount)(uid=ldap_test))
While I expect something like:
(&(objectClass=possixAccount)(uid=ldap_test))
i.e. remove the '?'.
Regards,
- Emiel
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
