LDAP authentication failure after "yum update"

John Abreau john at abreau.net
Thu Aug 3 21:06:31 EDT 2006


I ran "yum update" on mt LDAP server this afternoon, and since then I've
been unable to login to it via ldap. It's also the Samba PDC, and I
can't login to my Windows servers either.

My other Linux servers also use ldap authentication, and I have no
problem logging into them.

I'm running into a dead end trying to figure out what broke. Any ideas
how I can fix this thing?


On the LDAP server, if I run

    getent passwd

it shows all the users, both local from /etc/passwd and from LDAP.

    # getent passwd | grep jabr
    jabr:x:10051:10051:John Abreau:/home/jabr:/bin/bash

But if I specify the LDAP user to lookup,

    getent passwd jabr

it finds nothing.

I've tried rebuilding the LDAP db files, and that didn't work. I tried
re-running system-config-authentication to reset the ldap.conf and
cacert files, again with no luck.

Here's what I see in the logs when I try to ssh to the server:

    Aug  3 20:52:02 holden sshd(pam_unix)[5165]: check pass;
    user unknown

    Aug  3 20:52:02 holden sshd(pam_unix)[5165]: authentication
    failure; logname= uid=0 euid=0 tty=ssh ruser=
    rhost=bart.us.zuken.com

    Aug  3 20:52:02 holden sshd[5165]: pam_ldap: error trying
    to bind as user "uid=jabr,ou=People,dc=us,dc=zuken,dc=com"
    (Invalid credentials)


    Aug  3 20:52:17 holden sshd(pam_unix)[5165]: check pass;
    user unknown

    Aug  3 20:52:17 holden sshd[5165]: pam_ldap: error trying
    to bind as user "uid=jabr,ou=People,dc=us,dc=zuken,dc=com"
    (Invalid credentials)


    Aug  3 20:52:36 holden sshd(pam_unix)[5165]: check pass;
    user unknown

    Aug  3 20:52:36 holden sshd[5165]: pam_ldap: error trying
    to bind as user "uid=jabr,ou=People,dc=us,dc=zuken,dc=com"
    (Invalid credentials)


-- 
John Abreau / Executive Director, Boston Linux & Unix
ICQ 28611923 / AIM abreauj / JABBER jabr at jabber.org / YAHOO abreauj
Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
-------------- next part --------------
A non-text attachment was scrubbed...
Name: john.vcf
Type: text/x-vcard
Size: 294 bytes
Desc: not available
URL: <http://lists.blu.org/pipermail/discuss/attachments/20060803/2ab80c4e/attachment.vcf>


More information about the Discuss mailing list