Hi Holger, > Then I tried to login and failed. "Login incorrect". > In my messages: > > slapd[5527]: slapd starting > login[4786]: pam_ldap: ldap_search_s No such object > login[4786]: FAILED LOGIN 1 FROM /dev/tty1 FOR UNKNOWN, User not known to > the underlying authentication module >
It seems that you are using ldap to log in to your system, correct? In this case you'll also have to set it up to authenticate to your directory with a valid user. I'm not sure how Suse does this, but in Debian you'd set a binddn and bindpw containing a DN to bind to the directory with and its password, respectively, in order to allow libnss-ldap to lookup user names in the database correctly. I'd advise you to look at Suse's documentation for more information on setting this up. > > If I change the last line of the ACLs to: > by * read > everything works fine. Thats understandable as the system will be able to do ldap lookups anonymously. Just look at Suse's docs on how to set its pam-ldap and nss-ldap to authenticate to your ldap server. -- Diego Lima http://www.diegolima.org
