Logins over ssh and sudo work great with ldap, but when I try to log in from console, it prompts me twice for the password.
If I put a wrong password it prints out that it cannot bind to the ldap server, what means that I'm being able to bind to ldap, but cannot login for some reason. What is the specific file in pam.d/ that is used when authenticating through a ttyv? ----- Mensaje original ----- De: "Jason" <[email protected]> Para: "Dan Nelson" <[email protected]> CC: "Kevin Mai" <[email protected]>, "freebsd-questions" <[email protected]> Enviados: MiƩrcoles, 6 de Octubre 2010 14:00:08 Asunto: Re: LDAP Authentication from console On Wed, Oct 06, 2010 at 11:59:53AM -0500, Dan Nelson thus spake: >In the last episode (Oct 06), Kevin Mai said: >> Hey guys, >> >> I've already configured PAM to authenticate against ldap and it works >> wonderful using ssh/su/sudo/etc, but when I try to log in from >> console it >> prompts: >> >> login: kma >> Password: xxxxxxxx >> LDAP Password: xxxxxxxx (same as the first one) >> Login Incorrect >> login: > >Compare /etc/pam.d/login against one of your other pam services that >works. What I do on my servers is add pam_ldap to pam.d/system, then >blow away most >of the lines in the other files and replace them with > >auth include system >account include system >session include system >password include system > >, so I know everything uses the same configuration. Back when I had used LDAP for authentication I also needed to edit /etc/nsswitch.conf Not sure if this is still the case, or if I was doing it incorrectly, however not having didn't give me the ability to login via ldap. -jgh _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
