Re: [SunRay-Users] SunRay pam_ldap woes

[P.S.M.Swamiji]

Did you instrumented pam_ldap.so to Sun Ray related pam entries in 
/etc/pam.conf file?.
How does the /etc/pam.conf entries look like?.

Thanks
P.S.M.Swamiji
Note: These are my personal opinions, nothing to do with my employer

Ian Allison wrote:
Hi,

I'm having a lot of difficulty getting SRSS 3.1 to authenticate via 
LDAP. I am running a v480 with solaris 5.10 patched and up to date. 
When I try to log in as a user defined in LDAP (iPlanet), dtlogin just 
respawns itself and I get nowhere, the odd thing is I can log in at 
the console or over ssh as the same LDAP user, but at a SunRay, I get 
the message

sunray_get_user:pam_sm_auth: pam_get_user returned 6 (PAM_CONV_ERR)

We've tried...

i) Checking the permissions on the user home directories,

ii) Looking for Xserver errors in /var/opt/SUNWut/log/Xerrors,

iii) Enabling all netservices

The ldapsearch for user details shows up in the logs of the LDAP 
server,  but some combination of pam (sunray_get_user) and dlogin 
fails to let the user log in.

If the user gives the wrong password, dtlogin sees this and prompts 
him to try again, but if the correct password is given dtlogin just 
restarts. Nothing ever gets written to the user's home directory.

Does anyone know where to look to start fixing this.

THanks,   
    Ian.

P.S. Here is debug info from pam during a failed login


Aug 26 17:05:57 srbox dtlogin[18193]: [ID 363298 user.debug] 
utinfo:_getSidAndCookie : dpFile = /var/opt/SUNWut/displays/6
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 444329 user.debug] 
utinfo:ut_setproperties: buffer = control srbox:7007:5192169635539532459
Aug 26 17:05:57 srbox request setproperties
Aug 26 17:05:57 srbox cookie=3671764208285120585
Aug 26 17:05:57 srbox doamgh=true
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 723181 user.debug] 
utinfo:-------- _sendAndRecvMsg: recvbuf START cmd 'control 
srbox:7007:5192169635539532459
Aug 26 17:05:57 srbox request setproperties
Aug 26 17:05:57 srbox cookie=3671764208285120585
Aug 26 17:05:57 srbox doamgh=true
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox '
Aug 26 17:05:57 srbox utinfo:begin response
Aug 26 17:05:57 srbox status=0
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox utinfo:-------- _sendAndRecvMsg: recvbuf END
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 493413 user.debug] 
utinfo:ut_setproperties: ret.buffer = begin response
Aug 26 17:05:57 srbox status=0
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 142817 user.debug] 
sunray_get_user:pam_sm_auth: succeeded display 6 MODE=2, un=iana
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 363298 user.debug] 
utinfo:_getSidAndCookie : dpFile = /var/opt/SUNWut/displays/6
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 368275 user.debug] Entering 
waitForConnected
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 214450 user.debug] 
waitForConnected: Connected
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 225182 user.debug] 
utinfo:ut_issuePropertiesCallback: buffer = control 
srbox:7007:5192169635539532459
Aug 26 17:05:57 srbox request properties
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 723181 user.debug] 
utinfo:-------- _sendAndRecvMsg: recvbuf START cmd 'control 
srbox:7007:5192169635539532459
Aug 26 17:05:57 srbox request properties
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox '
Aug 26 17:05:57 srbox utinfo:begin response
Aug 26 17:05:57 srbox firstServer=c0a88001
Aug 26 17:05:57 srbox localAddress=192.168.128.1
Aug 26 17:05:57 srbox event=insert
Aug 26 17:05:57 srbox auth=false
Aug 26 17:05:57 srbox cause=insert
Aug 26 17:05:57 srbox doamgh=true
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox utinfo:-------- _sendAndRecvMsg: recvbuf END
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 118685 user.info] 
pam_sunray_amgh::[DPY=6] AMGH_SUMMARY: token=pseudo.0003ba5d3982, 
username=iana, AMGH_Done?=NO(Local Session), Details=AMGH is not 
configured., AMGH_Target=*NONE*
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 363298 user.debug] 
utinfo:_getSidAndCookie : dpFile = /var/opt/SUNWut/displays/6
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 444329 user.debug] 
utinfo:ut_setproperties: buffer = control srbox:7007:5192169635539532459
Aug 26 17:05:57 srbox request setproperties
Aug 26 17:05:57 srbox cookie=3671764208285120585
Aug 26 17:05:57 srbox username=
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 723181 user.debug] 
utinfo:-------- _sendAndRecvMsg: recvbuf START cmd 'control 
srbox:7007:5192169635539532459
Aug 26 17:05:57 srbox request setproperties
Aug 26 17:05:57 srbox cookie=3671764208285120585
Aug 26 17:05:57 srbox username=
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox '
Aug 26 17:05:57 srbox utinfo:begin response
Aug 26 17:05:57 srbox status=0
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox utinfo:-------- _sendAndRecvMsg: recvbuf END
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 493413 user.debug] 
utinfo:ut_setproperties: ret.buffer = begin response
Aug 26 17:05:57 srbox status=0
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 363298 user.debug] 
utinfo:_getSidAndCookie : dpFile = /var/opt/SUNWut/displays/6
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 444329 user.debug] 
utinfo:ut_setproperties: buffer = control srbox:7007:5192169635539532459
Aug 26 17:05:57 srbox request setproperties
Aug 26 17:05:57 srbox cookie=3671764208285120585
Aug 26 17:05:57 srbox doamgh=false
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 723181 user.debug] 
utinfo:-------- _sendAndRecvMsg: recvbuf START cmd 'control 
srbox:7007:5192169635539532459
Aug 26 17:05:57 srbox request setproperties
Aug 26 17:05:57 srbox cookie=3671764208285120585
Aug 26 17:05:57 srbox doamgh=false
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox '
Aug 26 17:05:57 srbox utinfo:begin response
Aug 26 17:05:57 srbox status=0
Aug 26 17:05:57 srbox end
Aug 26 17:05:57 srbox utinfo:-------- _sendAndRecvMsg: recvbuf END
Aug 26 17:05:57 srbox dtlogin[18193]: [ID 493413 user.debug] 
utinfo:ut_setproperties: ret.buffer = begin response
Aug 26 17:05:57 srbox status=0
Aug 26 17:05:57 srbox end
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 453631 user.debug] tid= 1: 
Adding connection (serverAddr=10.0.0.1)
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 776464 user.debug] tid= 1: 
Initialized sessionPool
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 816976 user.debug] tid= 1: 
Connection added [0]
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 467101 user.debug] tid= 1: 
connectionID=1024
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 805042 user.debug] tid= 1: 
shared=1
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 982078 user.debug] tid= 1: 
usedBit=0
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 727660 user.debug] tid= 1: 
threadID=1
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 577507 user.debug] tid= 1: 
serverAddr=10.0.0.1
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 939703 user.debug] tid= 1: 
AuthType=1
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 142272 user.debug] tid= 1: 
TlsType=0
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 537450 user.debug] tid= 1: 
SaslMech=0
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 625532 user.debug] tid= 1: 
SaslOpt=0
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 639905 user.debug] tid= 1: 
userID=cn=proxyagent,ou=profile,o=MYORG
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 453631 user.debug] tid= 1: 
Adding connection (serverAddr=10.0.0.1)
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 816976 user.debug] tid= 1: 
Connection added [0]
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 467101 user.debug] tid= 1: 
connectionID=1024
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 805042 user.debug] tid= 1: 
shared=1
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 982078 user.debug] tid= 1: 
usedBit=0
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 727660 user.debug] tid= 1: 
threadID=1
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 577507 user.debug] tid= 1: 
serverAddr=10.0.0.1
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 939703 user.debug] tid= 1: 
AuthType=1
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 142272 user.debug] tid= 1: 
TlsType=0
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 537450 user.debug] tid= 1: 
SaslMech=0
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 625532 user.debug] tid= 1: 
SaslOpt=0
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 339871 user.debug] tid= 1: 
hostCertPath=/var/ldap
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 639905 user.debug] tid= 1: 
userID=uid=iana,ou=MYEDU,ou=People,o=MYORG
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 948806 user.debug] 
sunray_get_user:pam_sm_auth: local display = 6. MODE=1
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 662782 user.debug] 
sunray_get_user:pam_sm_auth: get user from prop username
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 363298 user.debug] 
utinfo:_getSidAndCookie : dpFile = /var/opt/SUNWut/displays/6
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 368275 user.debug] Entering 
waitForConnected
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 214450 user.debug] 
waitForConnected: Connected
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 225182 user.debug] 
utinfo:ut_issuePropertiesCallback: buffer = control 
srbox:7007:5192169635539532459
Aug 26 17:06:00 srbox request properties
Aug 26 17:06:00 srbox end
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 723181 user.debug] 
utinfo:-------- _sendAndRecvMsg: recvbuf START cmd 'control 
srbox:7007:5192169635539532459
Aug 26 17:06:00 srbox request properties
Aug 26 17:06:00 srbox end
Aug 26 17:06:00 srbox '
Aug 26 17:06:00 srbox utinfo:begin response
Aug 26 17:06:00 srbox firstServer=c0a88001
Aug 26 17:06:00 srbox localAddress=192.168.128.1
Aug 26 17:06:00 srbox event=insert
Aug 26 17:06:00 srbox auth=false
Aug 26 17:06:00 srbox cause=insert
Aug 26 17:06:00 srbox doamgh=false
Aug 26 17:06:00 srbox end
Aug 26 17:06:00 srbox utinfo:-------- _sendAndRecvMsg: recvbuf END
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 497299 user.debug] 
sunray_get_user:_get_user_from_prop: property username not defined for 
display 6
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 985403 user.debug] 
sunray_get_user:_get_user_from_prop: Got empty username. Pretend it 
was not there....
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 193633 user.debug] 
sunray_get_user:_get_user_from_prop: prop 'username' undefined for 
display 6
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 363298 user.debug] 
utinfo:_getSidAndCookie : dpFile = /var/opt/SUNWut/displays/6
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 368275 user.debug] Entering 
waitForConnected
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 214450 user.debug] 
waitForConnected: Connected
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 225182 user.debug] 
utinfo:ut_issuePropertiesCallback: buffer = control 
srbox:7007:5192169635539532459
Aug 26 17:06:00 srbox request properties
Aug 26 17:06:00 srbox end
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 723181 user.debug] 
utinfo:-------- _sendAndRecvMsg: recvbuf START cmd 'control 
srbox:7007:5192169635539532459
Aug 26 17:06:00 srbox request properties
Aug 26 17:06:00 srbox end
Aug 26 17:06:00 srbox '
Aug 26 17:06:00 srbox utinfo:begin response
Aug 26 17:06:00 srbox firstServer=c0a88001
Aug 26 17:06:00 srbox localAddress=192.168.128.1
Aug 26 17:06:00 srbox event=insert
Aug 26 17:06:00 srbox auth=false
Aug 26 17:06:00 srbox cause=insert
Aug 26 17:06:00 srbox doamgh=false
Aug 26 17:06:00 srbox end
Aug 26 17:06:00 srbox utinfo:-------- _sendAndRecvMsg: recvbuf END
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 118685 user.info] 
pam_sunray_amgh::[DPY=6] AMGH_SUMMARY: token=pseudo.0003ba5d3982, 
username=*NONE*, AMGH_Done?=NO(Local Session), Details=AMGH is not 
configured., AMGH_Target=*NONE*
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 363298 user.debug] 
utinfo:_getSidAndCookie : dpFile = /var/opt/SUNWut/displays/6
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 444329 user.debug] 
utinfo:ut_setproperties: buffer = control srbox:7007:5192169635539532459
Aug 26 17:06:00 srbox request setproperties
Aug 26 17:06:00 srbox cookie=3671764208285120585
Aug 26 17:06:00 srbox doamgh=false
Aug 26 17:06:00 srbox end
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 723181 user.debug] 
utinfo:-------- _sendAndRecvMsg: recvbuf START cmd 'control 
srbox:7007:5192169635539532459
Aug 26 17:06:00 srbox request setproperties
Aug 26 17:06:00 srbox cookie=3671764208285120585
Aug 26 17:06:00 srbox doamgh=false
Aug 26 17:06:00 srbox end
Aug 26 17:06:00 srbox '
Aug 26 17:06:00 srbox utinfo:begin response
Aug 26 17:06:00 srbox status=0
Aug 26 17:06:00 srbox end
Aug 26 17:06:00 srbox utinfo:-------- _sendAndRecvMsg: recvbuf END
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 493413 user.debug] 
utinfo:ut_setproperties: ret.buffer = begin response
Aug 26 17:06:00 srbox status=0
Aug 26 17:06:00 srbox end
Aug 26 17:06:00 srbox dtlogin[18193]: [ID 948806 user.debug] 
sunray_get_user:pam_sm_auth: local display = 6. MODE=2
Aug 26 17:06:01 srbox dtlogin[18193]: [ID 699796 user.error] 
sunray_get_user:pam_sm_auth: pam_get_user returned 6 (PAM_CONV_ERR)
Aug 26 17:06:02 srbox utauthd: [ID 794400 user.info] SessionManager0 
NOTICE: EMPTY: ACTIVE session
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 948806 user.debug] 
sunray_get_user:pam_sm_auth: local display = 6. MODE=1
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 662782 user.debug] 
sunray_get_user:pam_sm_auth: get user from prop username
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 363298 user.debug] 
utinfo:_getSidAndCookie : dpFile = /var/opt/SUNWut/displays/6
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 368275 user.debug] Entering 
waitForConnected
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 214450 user.debug] 
waitForConnected: Connected
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 225182 user.debug] 
utinfo:ut_issuePropertiesCallback: buffer = control 
srbox:7007:5192169635539532459
Aug 26 17:06:03 srbox request properties
Aug 26 17:06:03 srbox end
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 723181 user.debug] 
utinfo:-------- _sendAndRecvMsg: recvbuf START cmd 'control 
srbox:7007:5192169635539532459
Aug 26 17:06:03 srbox request properties
Aug 26 17:06:03 srbox end
Aug 26 17:06:03 srbox '
Aug 26 17:06:03 srbox utinfo:begin response
Aug 26 17:06:03 srbox firstServer=c0a88001
Aug 26 17:06:03 srbox localAddress=192.168.128.1
Aug 26 17:06:03 srbox event=insert
Aug 26 17:06:03 srbox auth=false
Aug 26 17:06:03 srbox cause=insert
Aug 26 17:06:03 srbox doamgh=false
Aug 26 17:06:03 srbox end
Aug 26 17:06:03 srbox utinfo:-------- _sendAndRecvMsg: recvbuf END
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 497299 user.debug] 
sunray_get_user:_get_user_from_prop: property username not defined for 
display 6
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 985403 user.debug] 
sunray_get_user:_get_user_from_prop: Got empty username. Pretend it 
was not there....
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 193633 user.debug] 
sunray_get_user:_get_user_from_prop: prop 'username' undefined for 
display 6
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 363298 user.debug] 
utinfo:_getSidAndCookie : dpFile = /var/opt/SUNWut/displays/6
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 368275 user.debug] Entering 
waitForConnected
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 214450 user.debug] 
waitForConnected: Connected
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 225182 user.debug] 
utinfo:ut_issuePropertiesCallback: buffer = control 
srbox:7007:5192169635539532459
Aug 26 17:06:03 srbox request properties
Aug 26 17:06:03 srbox end
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 723181 user.debug] 
utinfo:-------- _sendAndRecvMsg: recvbuf START cmd 'control 
srbox:7007:5192169635539532459
Aug 26 17:06:03 srbox request properties
Aug 26 17:06:03 srbox end
Aug 26 17:06:03 srbox '
Aug 26 17:06:03 srbox utinfo:begin response
Aug 26 17:06:03 srbox firstServer=c0a88001
Aug 26 17:06:03 srbox localAddress=192.168.128.1
Aug 26 17:06:03 srbox event=insert
Aug 26 17:06:03 srbox auth=false
Aug 26 17:06:03 srbox cause=insert
Aug 26 17:06:03 srbox doamgh=false
Aug 26 17:06:03 srbox end
Aug 26 17:06:03 srbox utinfo:-------- _sendAndRecvMsg: recvbuf END
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 118685 user.info] 
pam_sunray_amgh::[DPY=6] AMGH_SUMMARY: token=pseudo.0003ba5d3982, 
username=, AMGH_Done?=NO(Local Session), Details=AMGH is not 
configured., AMGH_Target=*NONE*
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 363298 user.debug] 
utinfo:_getSidAndCookie : dpFile = /var/opt/SUNWut/displays/6
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 444329 user.debug] 
utinfo:ut_setproperties: buffer = control srbox:7007:5192169635539532459
Aug 26 17:06:03 srbox request setproperties
Aug 26 17:06:03 srbox cookie=3671764208285120585
Aug 26 17:06:03 srbox doamgh=false
Aug 26 17:06:03 srbox end
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 723181 user.debug] 
utinfo:-------- _sendAndRecvMsg: recvbuf START cmd 'control 
srbox:7007:5192169635539532459
Aug 26 17:06:03 srbox request setproperties
Aug 26 17:06:03 srbox cookie=3671764208285120585
Aug 26 17:06:03 srbox doamgh=false
Aug 26 17:06:03 srbox end
Aug 26 17:06:03 srbox '
Aug 26 17:06:03 srbox utinfo:begin response
Aug 26 17:06:03 srbox status=0
Aug 26 17:06:03 srbox end
Aug 26 17:06:03 srbox utinfo:-------- _sendAndRecvMsg: recvbuf END
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 493413 user.debug] 
utinfo:ut_setproperties: ret.buffer = begin response
Aug 26 17:06:03 srbox status=0
Aug 26 17:06:03 srbox end
Aug 26 17:06:03 srbox dtlogin[18279]: [ID 948806 user.debug] 
sunray_get_user:pam_sm_auth: local display = 6. MODE=2

_______________________________________________
SunRay-Users mailing list
SunRay-Users@filibeto.org
http://www.filibeto.org/mailman/listinfo/sunray-users

_______________________________________________
SunRay-Users mailing list
SunRay-Users@filibeto.org
http://www.filibeto.org/mailman/listinfo/sunray-users