[SATLUG] LDAP auth
Alan L. Lesmerises
alesmerises at satx.rr.com
Fri Jun 8 22:23:09 CDT 2007
Could it be that it's looking for a 'strong' login (something that's not easy to guess)? What happens if the login is changed to an ordinary 6-character name without a number at the end, or a 5-character name including a number?
David Kowis wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> robert c3 wrote:
>> I've got several boxes where I'm doing LDAP authentication through PAM.
>> I've got a user with a 5 character UID who can't log into my Debian
>> (Sarge & Etch) boxes but logs in just fine on my RHEL4 machines. Any
>> ideas? If I change his UID to a 6 character UID, it works on the Debian
>> machines.
>>
>> The non-working DN looks like:
>> uid=smith,ou=People,dc=my,dc=domain,dc=com
>>
>> If I change it to:
>>
>> uid=smith2,ou=People,dc=my,dc=domain,dc=com
>>
>> it works.
>>
>> Any ideas?
>
> Perhaps the LDAP search parameters for the debian box are different than
> the search parameters on the RHEL boxes? For some odd reason the query
> could be looking for at least 6 character usernames :/ Just a guess. But
> that's where I'd start looking, how the boxes interact with the LDAP
> server :)
>
> hth.
>
> - --
> David Kowis
>
> www.sourcemage.org
> SourceMage GNU/Linux
>
> Progress isn't made by early risers. It's made by lazy men trying to
> find easier ways to do something.
> - Robert Heinlein
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQGVAwUBRmnldsnf+vRw63ObAQqOFQv/TRp2urCm1YO0uwpV3vYLK0vPMOfK5Mop
> FRjmQ/QTghlvUb8kymHKJZXx51DwDsKSCEKmNSz+53vjN/6F6SlZw6RgAzOGB+wu
> GdgKgSnPgNqSZ5+WRmcluBmmruA471xtA/XpY2Bfynop1oBY+/fFswkZU3FQ+HvR
> ctws1DnBWyONrSeYdWeaFrHbwa99XNVuTIYqbWUi5cMHBEM/k8P4WeyN+X2kqbYt
> Lx4FacHv8QFQ2gR+0VBbxWSsxEvomGSOCG1s3WPt7C+v0gLjWhE7at9DVZGrttmI
> T20FsM2CDBYzVcGpHSdM8y7Vbjd1dYS87jIsb1uIDdvd7od6nKt4h2drewQ/uYO3
> gyiXDav+2kWfFhdwfvubEb9OHcaKFvEe1PEU9GvVs5/UOabZG2aAyCOUSXSwLaFI
> ZZnqssMFb/IHVaPJrRbvLIOzQrJEclEjsXdrD+cwNWYW03V4bRQoMkS/00ZoIViz
> GpDb3w7Cac8LtaupnBCvEzgnci3l6EtM
> =1jlU
> -----END PGP SIGNATURE-----
More information about the SATLUG
mailing list