At Sat, 30 Mar 2019 15:24:34 -0700 Billy MacAllister <[email protected]> wrote:
> > On Sat, 30 Mar 2019 16:44:31 -0400 (EDT) > Robert Heller <[email protected]> wrote: > > > I have a server running CentOS 6 on the bare metal, running the stock > > CentOS 6 OpenLDAP packages (openldap-2.4.40-16.el6.x86_64, > > openldap-clients-2.4.40-16.el6.x86_64, openldap-2.4.40-16.el6.i686, > > openldap-servers-2.4.40-16.el6.x86_64) [yes I know these are old, but > > they *work* -- "If it ain't broke, don't fix it."]. There are two VMs > > running on this server, one running Ubuntu 14.04 and the other Ubuntu > > 18.04. (These two VMs are/will be servers for DRBL.) The Ubuntu 14.04 > > VM (and all of its diskless clients) are perfectly happy to talk to > > the OpenLDAP server (slapd) running on the CentOS 6 machine. The > > Ubuntu 18.04 VM is not. ldapsearch works everywhere though, so it is > > NOT the server or the core ldap libraries on any of the machines > > (partitularly the Ubuntu 18.04 VM). I can only assume that there is > > something fishy with nslcd or the pam/ldap libraries or config on the > > Ubuntu 18.04 VM. I have checked everything, but I am coming up > > empty. I am thinking there might be some "trick" to getting LDAP > > Authentication to work under Ubuntu 18.04 that I am missing. > > > > I have many Bionic systems running nslcd without any problems. I > don't think that it is nslcd that is the problem. I am wondering if the problem is the version of /lib/x86_64-linux-gnu/security/pam_ldap.so I have installed. There appears to be *two* versions available: One from the package libpam-ldapd and one from the package libpam-ldap. YES! I just installed libpam-ldapd (replacing the previously installed libpam-ldap), and now things are working! > > When you are debugging you should turn of nscd. It just gets in > the way. If it were me I would make sure that stats logging is on > on the LDAP server. Then I would watch the LDAP server log as I > attemptes a login on the 18.04 system. > > Bill > > > -- Robert Heller -- 978-544-6933 Deepwoods Software -- Custom Software Services http://www.deepsoft.com/ -- Linux Administration Services [email protected] -- Webhosting Services
