On 17/06/2010, at 6:56 AM, Bruno Steven wrote: > HI, > > I have started openldap more Samba but I can't do logon via console on my > linux, only access my system using ssh or telnet . When I am on console I > put login and password and press "enter" , again show me screen login linux > . If change /etc/nsswitch.conf fields passwd , shadow , group for files > only, the login work normally , Thre is problem between openldap and pam > ?
Am i correct in assuming you are using samba with openldap as a backend also? If so, did you put your samba to have "unix password sync = Yes"? If you did, you will need to use the command smbpasswd -a <username> and re-enter your password to unlock the accounts. Also, have you considered that there is a /etc/pam.d/sshd file also, that may *not* have ldap configured? > > I paste my /etc/nsswitch.conf > > passwd: files ldap > shadow: files ldap > group: files ldap > > #hosts: db files nisplus nis dns > hosts: files dns wins > > and /etc/pam.d/login > > > n#%PAM-1.0 > auth required pam_securetty.so > auth required pam_nologin.so > auth sufficient pam_ldap.so > auth required pam_unix2.so nullok try_first_pass #set_secrpc > account sufficient pam_ldap.so > account required pam_unix2.so > password required pam_pwcheck.so nullok > password required pam_ldap.so use_first_pass use_authtok > password required pam_unix2.so nullok use_first_pass use_authtok > session required pam_unix2.so none # debug or trace > session required pam_limits.so > session required pam_env.so > session optional pam_mail.so > > > > #auth [user_unknown=ignore success=ok ignore=ignore default=bad] > pam_securetty.so > #auth include system-auth > #account required pam_nologin.so > #account include system-auth > #password include system-auth > # pam_selinux.so close should be the first session rule > #session required pam_selinux.so close > #session include system-auth > #session required pam_loginuid.so > #session optional pam_console.so > # pam_selinux.so open should only be followed by sessions to be executed in > the user context > #session required pam_selinux.so open > #session optional pam_keyinit.so force revoke > > > Thanks. > > > -- > Bruno Steven - Administrador de sistemas. > LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4 > https://www.lpi.org/caf/Xamman/certification > > MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100 > https://mcp.microsoft.com/authenticate/validatemcp.aspx > > > P Antes de imprimir pense em sua responsabilidade e comprometimento com o > Meio Ambiente. Before printing this message, think about your ecologic > responsability and environment commitment.
