Hi!
We are using 389 DS and PAM to pass authentication to active directory. It works fine until someone tries to authenticate with a wrong password. In that case 389 directory server crashes. /log/secure looks like this: Feb 5 12:31:42 st39ldap01 ns-slapd: pam_krb5[12937]: authentication fails for 'k.thormann' (k.thorm...@st.redcross.or.at): Authentication failure (Cannot read password) Feb 5 12:31:42 st39ldap01 ns-slapd: pam_unix(ldapserver:auth): authentication failure; logname= uid=500 euid=500 tty= ruser= rhost= user=k.thormann Feb 5 12:31:43 st39ldap01 ns-slapd: pam_krb5[12937]: authentication fails for 'k.thormann' (k.thorm...@st.redcross.or.at): Authentication failure (Looping detected inside krb5_get_in_tkt) PAM File looks like this: auth sufficient pam_krb5.so use_first_pass forwardable auth include system-auth account [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore authinfo_unavail=ignore] pam_krb5.so account include system-auth password include system-auth password sufficient pam_krb5.so use_authtok session optional pam_krb5.so Any idea how we can fix this problem? Cheers, Birgit
-- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
