This is a bit peculiar looking. What version of Solaris?
Did you run ldapclient to initialize your pam.conf?
What does the "other" stack look like (or "dtlogin",
if you have one)?
To get your 3.1 patch level, you can run:
on sparc: showrev -p | grep 120879
on x86: showrev -p | grep 120880
-Bob
Blaine Hulbert wrote:
What does pam.conf stack for dtlogin-SunRay look like?
dtlogin-SunRay auth sufficient /opt/SUNWut/lib/pam_sunray.so
dtlogin-SunRay auth requisite /opt/SUNWut/lib/sunray_get_user.so.1
property=username
dtlogin-SunRay auth required /opt/SUNWut/lib/pam_sunray_amgh.so.1
dtlogin-SunRay auth requisite /opt/SUNWut/lib/sunray_get_user.so.1
prompt
dtlogin-SunRay auth required /opt/SUNWut/lib/pam_sunray_amgh.so.1
clearuser
dtlogin-SunRay auth requisite pam_authtok_get.so.1
dtlogin-SunRay auth required pam_dhkeys.so.1
dtlogin-SunRay auth required pam_unix_cred.so.1
dtlogin-SunRay auth required pam_unix_auth.so.1
dtlogin-SunRay auth required pam_ldap.so.1
dtlogin-SunRay account requisite pam_roles.so.1
dtlogin-SunRay account required pam_unix_account.so.1
dtlogin-SunRay account required pam_ldap.so.1
dtlogin-SunRay session required pam_unix_session.so.1
dtlogin-SunRay password required pam_dhkeys.so.1
dtlogin-SunRay password requisite pam_authtok_get.so.1
dtlogin-SunRay password requisite pam_authtok_check.so.1
dtlogin-SunRay password required pam_authtok_store.so.1
How about utnsclogin?
utnsclogin auth requisite /opt/SUNWut/lib/sunray_get_user.so.1
property=usernameutnsclogin auth required
/opt/SUNWut/lib/pam_sunray_amgh.so.1
utnsclogin auth requisite pam_authtok_get.so.1
utnsclogin auth required pam_dhkeys.so.1
utnsclogin auth required pam_unix_cred.so.1
utnsclogin auth required pam_unix_auth.so.1
utnsclogin auth required pam_ldap.so.1
utnsclogin account requisite pam_roles.so.1
utnsclogin account required pam_unix_account.so.1
utnsclogin session required pam_unix_session.so.1
utnsclogin password required pam_dhkeys.so.1
utnsclogin password requisite pam_authtok_get.so.1
utnsclogin password requisite pam_authtok_check.so.1
utnsclogin password required pam_authtok_store.so.1
utnsclogin account required pam_ldap.so.1
What version of SRSS, including patch level?
3.1 - sorry - I don't know where to find the patch level
Are you having trouble with card-based logins, or NSCM
logins?
card
thank you.
-Bob
Blaine Hulbert wrote:
After a ton of configuration and testing, I have finally been able to
authenticate to my solaris 10 box using pam ldap and DS 5.2 in every way
ie ssh, telnet, console, xnest (for testing) etc.
I cannot figure out why I am not able to login with a sunray session.
All my access logs (that I know of) are giving me no clues.
nsswitch.conf, pam.conf (added utlogin auth req. pam_ldap.so.. etc.),
ldap_client_file, etc all look ok.
This is just a quick post to see if anyone has a suggestion on where
else to look?
Thanks
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
