From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
by finch.gentoo.org with esmtp (Exim 4.60)
(envelope-from <gentoo-user+bounces-116197-garchives=archives.gentoo.org@lists.gentoo.org>)
id 1PDizt-0007sl-L2
for garchives@archives.gentoo.org; Wed, 03 Nov 2010 19:27:49 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id F12C9E0587;
Wed, 3 Nov 2010 19:27:18 +0000 (UTC)
Received: from mail-yx0-f181.google.com (mail-yx0-f181.google.com [209.85.213.181])
by pigeon.gentoo.org (Postfix) with ESMTP id CC46DE0587
for <gentoo-user@lists.gentoo.org>; Wed, 3 Nov 2010 19:27:18 +0000 (UTC)
Received: by yxn35 with SMTP id 35so986532yxn.40
for <gentoo-user@lists.gentoo.org>; Wed, 03 Nov 2010 12:27:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=gamma;
h=domainkey-signature:received:mime-version:sender:received
:in-reply-to:references:from:date:x-google-sender-auth:message-id
:subject:to:content-type;
bh=uGLR9I6HnT/f7ZxvG2YSpMCLM9vQO7MaRRj1SEu0t0Q=;
b=irWIkRPYmenkl+pmMIaF1s1NJRnNFOLijt3pjqtkmGlSidWqK7itBnU3fCRn3TBEVR
Bc22Iu5pNEh3tc/pf4NIKu7vsJKWfveMSQjmTTkM/Y1q2Nd9fxrmJJSRIqZRGJc1EXzu
a5qPpvSEPZ2BcHuc/WjRyCqIWSTL1Tps0d5xc=
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=gmail.com; s=gamma;
h=mime-version:sender:in-reply-to:references:from:date
:x-google-sender-auth:message-id:subject:to:content-type;
b=cJrVWAaLLUl0Ueo4hGd2/a/CgXlhZnrl5FALk7mpo6crCkNZhfTCaSpM/RyS7C/hSY
oMlqLbybwl+p9HubQlkll/g9gtdPZc+FMbzdtfjuPIvcXxl27S3Jye8BPLd20At4W0NE
aTo9VxNmzE3J1Vx7xZhIlQk+u8KOdfSCBk7g8=
Received: by 10.42.180.200 with SMTP id bv8mr566934icb.294.1288812437546; Wed,
03 Nov 2010 12:27:17 -0700 (PDT)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Sender: jz.penguin@gmail.com
Received: by 10.220.100.16 with HTTP; Wed, 3 Nov 2010 12:26:57 -0700 (PDT)
In-Reply-To: <640AF55A-91BB-4CA4-B63E-A23D34E9DA9F@stellar.eclipse.co.uk>
References: <AANLkTikLathatqdzJygO6=6vQU3C6no-C05HNPDmhjRj@mail.gmail.com> <640AF55A-91BB-4CA4-B63E-A23D34E9DA9F@stellar.eclipse.co.uk>
From: James <jtp@nc.rr.com>
Date: Wed, 3 Nov 2010 15:26:57 -0400
X-Google-Sender-Auth: O4XFYikD_xZFQP8ELUaZITpLS_I
Message-ID: <AANLkTinR7e_6pcZc6f_mEmM5Onbpru=w2orz3W+F5S6_@mail.gmail.com>
Subject: Re: [gentoo-user] ldap client authentication
To: gentoo-user@lists.gentoo.org
Content-Type: multipart/alternative; boundary=90e6ba6e8f9c85a7aa04942b0753
X-Archives-Salt: 30f31d40-3c08-40ff-957f-8570eaf261d6
X-Archives-Hash: d8a5091620b1460b19d1049b2024a64f
--90e6ba6e8f9c85a7aa04942b0753
Content-Type: text/plain; charset=ISO-8859-1
Straight from the Gentoo + LDAP page.
# pam ldap stuff
auth sufficient pam_ldap.so use_first_pass
account sufficient pam_ldap.so
password sufficient pam_ldap.so use_authtok use_first_pass
session optional pam_ldap.so
-james
On Wed, Nov 3, 2010 at 15:13, Stroller <stroller@stellar.eclipse.co.uk>wrote:
>
> On 3/11/2010, at 4:25pm, James wrote:
>
> ...
> I'm attempting to set up LDAP authentication against my OpenDS server on a
> Gentoo box. I've been struggling with this for several days now with no
> progress.
>
> Here's the rundown of how things are configured (fairly straight forward):
> ...
>
> ==> auth.log <==
> Nov 3 06:26:03 s_dgram@client.whatever.com sshd[2650]: error: PAM:
> Authentication failure for tb from blah.whatever.com
>
>
> You've shown us all about your LDAP configuration, but nothing about your
> PAM configuration, or whether sshd or IMAP are configured to use PAM.
>
> Stroller.
>
>
--90e6ba6e8f9c85a7aa04942b0753
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Straight from the Gentoo + LDAP page.<br><br># pam ldap stuff<br>auth=A0=A0=
=A0=A0=A0=A0=A0=A0=A0=A0=A0 sufficient=A0=A0=A0=A0=A0 pam_ldap.so use_first=
_pass<br>account=A0=A0=A0=A0=A0=A0=A0=A0 sufficient=A0=A0=A0=A0=A0 pam_ldap=
.so<br>password=A0=A0=A0=A0=A0=A0=A0 sufficient=A0=A0=A0=A0=A0 pam_ldap.so =
use_authtok use_first_pass<br>
session=A0=A0=A0=A0=A0=A0=A0=A0 optional=A0=A0=A0=A0=A0=A0=A0 pam_ldap.so<b=
r><br>-james<br><br><div class=3D"gmail_quote">On Wed, Nov 3, 2010 at 15:13=
, Stroller <span dir=3D"ltr"><<a href=3D"mailto:stroller@stellar.eclipse=
.co.uk">stroller@stellar.eclipse.co.uk</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin: 0pt 0pt 0pt 0.8ex; borde=
r-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"><div style=3D"wor=
d-wrap: break-word;"><br><div><div>On 3/11/2010, at 4:25pm, James wrote:</d=
iv>
<blockquote type=3D"cite"><font color=3D"#000000">...<br></font><div class=
=3D"im">I'm attempting to set up LDAP authentication against my OpenDS =
server on a Gentoo box. I've been struggling with this for several days=
now with no progress.<br>
<br>Here's the rundown of how things are configured (fairly straight fo=
rward):<br></div>...</blockquote><div class=3D"im"><blockquote type=3D"cite=
">=3D=3D> auth.log <=3D=3D<br>Nov=A0 3 06:26:03 <a href=3D"mailto:s_d=
gram@client.whatever.com" target=3D"_blank">s_dgram@client.whatever.com</a>=
sshd[2650]: error: PAM: Authentication failure for tb from <a href=3D"http=
://blah.whatever.com/" target=3D"_blank">blah.whatever.com</a><br>
</blockquote></div></div><br><div>You've shown us all about your LDAP c=
onfiguration, but nothing about your PAM configuration, or whether sshd or =
IMAP are configured to use PAM.</div><div><br></div><font color=3D"#888888"=
><div>
Stroller.</div><div><br></div></font></div></blockquote></div><br>
--90e6ba6e8f9c85a7aa04942b0753--