I'm trying to trobuleshoot my previuos problem from the basics. I've a box setup with Ubuntu, samba and ldap. I have a lot of problems with user authentications. I'm checking if LDAP and PAM ar working together. I've added an user to ldap with smbldap-useradd command (as posix account) and I'm trying to use it to login via ssh. This user cannot authenticate. Here is the result from auth.log and some configurations files:
Jun 3 11:02:37 localserver sshd[27372]: Invalid user testmio from 192.168.10.1 Jun 3 11:02:37 localserver sshd[27372]: Failed none for invalid user testmio from 192.168.10.1 port 44352 ssh2 Jun 3 11:02:39 localserver sshd[27372]: pam_unix(sshd:auth): check pass; user unknown Jun 3 11:02:39 localserver sshd[27372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=remoteclient.domain.it Jun 3 11:02:39 localserver sshd[27372]: pam_ldap: error trying to bind as user "uid=testmio,ou=Users,dc=domain,dc=it" (Invalid credentials) Jun 3 11:02:41 localserver sshd[27372]: Failed password for invalid user testmio from 192.168.10.1 port 44352 ssh2 If I use the command "getent passwd" I obtain only the account present in /etc/passwd file and none of those included in ldap. /etc/pam.conf is empty # /etc/pam.d/samba @include common-auth @include common-account @include common-session # etc/pam.d/login auth requisite pam_securetty.so auth requisite pam_nologin.so session required pam_selinux.so close session required pam_env.so readenv=1 session required pam_env.so readenv=1 envfile=/etc/default/locale @include common-auth auth optional pam_group.so session required pam_limits.so session optional pam_lastlog.so session optional pam_motd.so session optional pam_mail.so standard @include common-account @include common-session @include common-password session required pam_selinux.so open # /etc/nsswitch.conf passwd: files ldap shadow: files ldap group: files ldap hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis ldap.conf contains the following directives: nss_base_passwd ou=Users,dc=domain,dc=it?one nss_base_passwd ou=Computers,dc=domain,dc=it?one nss_base_shadow ou=Users,dc=domain,dc=it?one nss_base_group ou=Groups,dc=domain,dc=it?one -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
