See Oliver Wallace's post from 2nd April - LDAP authentication on SRSS 5.4 and EL 6.3 x86_64
I configured the system for LDAP authentication using the 'authconfig' command, which sets up sssd for LDAP. Afterward I found I could not log in via GDM with any user whose info came from LDAP, but local users worked fine. This was the case even though all other login methods would work for LDAP users. To fix this issue you need to install the 32-bit version of sssd-client, sssd-client.i686. Without the 32-bit version, errors are logged in /var/log/secure, and read like this: nscloginGUI: pam_succeed_if(utnsclogin:auth): error retrieving information about user nscloginGUI: pam_unix(utnsclogin:auth): check pass; user unknown nscloginGUI: pam_unix(utnsclogin:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= nscloginGUI: PAM unable to dlopen(/lib/security/pam_sss.so): /lib/security/pam_sss.so: cannot open shared object file: No such file or directory nscloginGUI: PAM adding faulty module: /lib/security/pam_sss.so There are also similar errors about pam_gnome_keyring.so and pam_fprintd.so. The problem is the same as the sssd-client. The 32-bit versions, gnome-keyring-pam.i686 and fprintd-pam.i686, need to be installed. On Fri, May 10, 2013 at 5:32 AM, Rodenhiser, Greg <[email protected]>wrote: > Okay, I have a pretty solid RHEL6 64-bit SRSS5.4 server. Everything is > working well except for mobile sessions. If I do regular sessions all my > users (which are LDAP) and login without issue. However if I switch to > mobile sessions, LDAP users cannot login (local user can however). Anyone > know of a fix? > > -- > > > Greg Rodenhiser > Technical Services Engineer > College of the Holy Cross > > _______________________________________________ > SunRay-Users mailing list > [email protected] > http://www.filibeto.org/mailman/listinfo/sunray-users > >
_______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
