I am trying to enable ldap authentication for my unix accounts on an old centos 4.7 server. I am running an ldap server on centos 5.7 runing openldap-servers-2.3.43-12.el5_7.10. My current centos 5.7 servers can authenticate to my ldap server with out issue. When I enable ldap authentication on my centos 4 server I get the following error in my message log.
Feb 22 12:57:06 cent4dev sshd(pam_unix): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.20.224
Feb 22 12:57:06 cent4dev sshd: pam_ldap: error trying to bind as user "uid=dchristensen,ou=People,dc=example,dc=com" (Invalid credentials)
If I execute ldapsearch -x -D uid=dchristensen,ou=People,dc=example,dc=com -W -H ldap://ldap-test01.example.com -b ou=People,dc=example,dc=com uid=dchristensen from my centos 4 server I am able to pull my userPassword information. The problem appears to be an with matching the password against the password hash stored in my ldap server.
Has anyone seen this issue or have any ideas on how to troubleshoot this issue?
Installing, Configuring, Troubleshooting server daemons such as Web and Mail
4 posts • Page 1 of 1
- Retired Moderator
- Posts: 18276
- Joined: 2006/12/13 20:15:34
- Location: Tidewater, Virginia, North America
A long time ago I remember an update came out that stopped my CentOS 4 boxes using LDAP for authentication and the solution was to edit /etc/ldap.conf and comment out any "host x.x.x.x" line and make sure that it used "uri ldap://x.x.x.x/" instead. Before the update it worked with both in the file, after it, it broke.