Hi James,
> I'm wanting to use LDAP with the pam_ldap module to authenticate all sorts
>From the looks of your error logs I suspect that you haven't successfully
set the password for that user in the LDAP directory.
I'm not familiar with OpenLdap but I would suggest that you need to find a
tool which can set and test the password for that user. (Eg can ldapsearch
be forced to bind as a user). If you are a good C hacker, you could
probably pull the pam_ldap.c code to piecies and write your own test
routine that took a uid and passwd of the command line and returned the
bind result.
Also if you are familiar with C it's not too hard to hack the pam_ldap
and put a syslog message containing the password string into the pam
code so that you can check that the password it is trying to bind with is
the one you typed in. I think session->conf->bindpw is the variable you
need to see.
One other word about pam_ldap, some applications (most notably proftpd)
check for the presence of the user account in /etc/passwd BEFORE calling
the pam module. So no matter what you do with pam, you cannot be free of
the entry in /etc/passwd.
HTH
rgds
Pete
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
