Alfred von Campe
2011-Aug-25 15:49 UTC
[CentOS] Help integrating CentOS 6 with existing network login infrastructure
I've updated my kickstart configuration files to work with CentOS 6 and am most of the way there integrating a CentOS 6 system into our LDAP/NIS environment. My authconfig line in the kickstart file is as follows: authconfig --enablemd5 --passalgo=sha512 --enablenis --nisdomain=XXX --nisserver=nis.XXX.com --useshadow --enablekrb5 --krb5realm=XXX.COM --krb5kdc=ldap.XXX.com --krb5adminserver=ldap.XXX.com This is virtually identical to the authconfig line I was using in CentOS 5. My issue is that users cannot log in with their network (NIS) usernames and passwords. If I log in as root, I can do a "su - username" and get the user's automounted home directory with the correct uid/gid, but if I try to log in as the user, or do a "su - username" as a non-root user and have to enter the password, authentication always fails. The entries in /var/log/secure just say "su: pam_unix(su-l:auth): authentication failure". I'm not a pam expert and don't know how to debug this. Anyone else run into this and/or know what might be the problem? This works just fine in CentOS 5. Alfred
Steven Crothers
2011-Aug-26 13:18 UTC
[CentOS] Help integrating CentOS 6 with existing network login infrastructure
Are they logging in locally or via SSH? If they are logging in via SSH you can probably increase the verbosity of that and SSH usually has some pretty great messages. On Thu, Aug 25, 2011 at 11:49 AM, Alfred von Campe <alfred at von-campe.com>wrote:> I've updated my kickstart configuration files to work with CentOS 6 and am > most of the way there integrating a CentOS 6 system into our LDAP/NIS > environment. My authconfig line in the kickstart file is as follows: > > authconfig --enablemd5 --passalgo=sha512 --enablenis --nisdomain=XXX > --nisserver=nis.XXX.com --useshadow --enablekrb5 --krb5realm=XXX.COM--krb5kdc> ldap.XXX.com --krb5adminserver=ldap.XXX.com > > This is virtually identical to the authconfig line I was using in CentOS 5. > My issue is that users cannot log in with their network (NIS) usernames and > passwords. > > If I log in as root, I can do a "su - username" and get the user's > automounted home directory with the correct uid/gid, but if I try to log in > as the user, or do a "su - username" as a non-root user and have to enter > the password, authentication always fails. > > The entries in /var/log/secure just say "su: pam_unix(su-l:auth): > authentication failure". I'm not a pam expert and don't know how to debug > this. Anyone else run into this and/or know what might be the problem? This > works just fine in CentOS 5. > > Alfred > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >-- Steven Crothers steven.crothers at gmail.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110826/e9181114/attachment-0002.html>