From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1PEEAx-0001ey-Hf for garchives@archives.gentoo.org; Fri, 05 Nov 2010 04:45:19 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 49B6AE0BC0; Fri, 5 Nov 2010 04:44:21 +0000 (UTC) Received: from mail-qw0-f53.google.com (mail-qw0-f53.google.com [209.85.216.53]) by pigeon.gentoo.org (Postfix) with ESMTP id 2EB54E0BC0 for ; Fri, 5 Nov 2010 04:44:21 +0000 (UTC) Received: by qwg5 with SMTP id 5so2370078qwg.40 for ; Thu, 04 Nov 2010 21:44:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:sender:received :in-reply-to:references:from:date:x-google-sender-auth:message-id :subject:to:content-type; bh=KFyRKNi5g0/iwcgsO/GDPTZj3cncE4AWb8QWLvA7Z/Y=; b=vyM9Afu5CJ6Ejc+eopVqhrTPrarb/seeRm1m5L/0iCSHEkYragm/qJ7SdAT5aRdw+A ienoD4z9FJNGWw72UD1YesRDBtjgimoytNmoXtT2A0tzwbaUVbGKoxJM4zsHt6u5nPuA YOL5wZqhyL60K1SNYSh0W5UHNCeiY7shAK8PM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:content-type; b=knVmWwCNDKRq812nreFWXmDs5KCMCcu8+Qi7QDhrlUSzQLGpMrg37z1Jq2G0zeaXRg jXR9L1qTnR1m0CxS0V8gfUR0VFs8EMHu9oQ5NgavhZT/ipJ+PolMeUInAvG5hxjaNwbf RJIXWfBnGhgWzfMiIi7A6c3I1QuW9XxYS17j8= Received: by 10.224.202.200 with SMTP id ff8mr527634qab.211.1288932260849; Thu, 04 Nov 2010 21:44:20 -0700 (PDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Sender: jz.penguin@gmail.com Received: by 10.220.100.16 with HTTP; Thu, 4 Nov 2010 21:44:00 -0700 (PDT) In-Reply-To: References: <640AF55A-91BB-4CA4-B63E-A23D34E9DA9F@stellar.eclipse.co.uk> From: James Date: Fri, 5 Nov 2010 04:44:00 +0000 X-Google-Sender-Auth: rbvIT74-8HLdfVQ6N2wnjv2qG58 Message-ID: Subject: Re: [gentoo-user] ldap client authentication To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 X-Archives-Salt: 36aa09ec-2cb0-4fed-bb3f-ed6954b241f7 X-Archives-Hash: 25c7943a0d72d4f9cfec9437dd55f48f Things just got more interesting. I just copied my /etc/ldap.conf file over from my Gentoo box to an Ubuntu box -- it works without a single hitch. I'm about to rip my hair out here...any ideas on where I can start troubleshooting this? - openssh versions are very similar - newer nss_ldap on gentoo - newer pam_ldap on gentoo Thoughts would be greatly appreciated. -james On Thu, Nov 4, 2010 at 23:48, James wrote: > LDAP and LDAPS work fine -- as I indicated, the ldapsearch queries > work without any issues. Thus the issue is, more or less, related > directly to PAM and LDAP together. > > At some point during troubleshooting I switched to LDAP simply so that > I could sniff the packets going across the wire and see what was going > on. > > This is purely a pam_ldap configuration problem as far as I can tell. > > Any thoughts on how to go about troubleshooting this would be greatly > appreciated. > > -james > > On Thu, Nov 4, 2010 at 17:58, Adam Carter wrote: >> You seem to be using ldap sometimes and ldaps other times in your configs. >> Suggest you try getting everything working with ldap first, then convert >> everything to ldaps (to get SSL working) once you have the application layer >> sorted. >> >