Displaying 20 results from an estimated 10000 matches similar to: "LDAP / PAM -- Invalid Credentials Error"
2003 Apr 04
1
Samba, Passwd, LDAP auth
Hi,
I have searched all over and I am at a deep loss.
I have Openldap setup and it works fine holding users and is searchable,
etc.
I have samba setup to auth via LDAP and it works.
I can NOT for the life of me get system password stuff to work.
The strange thing is, that my "testuser" can telnet to the computer and
login and can login with samba fine. I can not ssh into the
2010 Sep 14
1
cron breaking when enabling ldap
Hi
When I enable a box to do authentication using LDAP it breaks cron for users like jboss.
I get the following in /var/log/secure
Sep 14 15:25:01 exoipatest01 crond[7214]: pam_access(crond:account): access denied for user `jboss' from `cron'
I have the following in /etc/ldap.conf
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss
2006 Jun 07
1
NSS/PAM LDAP Config
Ok, I've been literally throwing things in my effort to fix this.
Please help me from damaging something valueable! :)
I've installed Samba 3.0.22 and OpenLDAP etc.
I've used the IDEALX scripts to create the LDAP tree etc.
Everything goes swimmingly until I try to check and see if NSS/PAM is
working right.
I use the following command as shown in SBE to check NSS/PAM working.
getent
2004 Nov 25
1
A little help with nss_ldap - User xxx in passdb, but getpwnam() fails!
I keep getting the following errors when I try to log on to my domain or
access a share (some how I have no clue I was able to get one computer
to access the samba domain). It is a standalone PDC, ldap on the same
computer.
This problem has been killing me for about a week, any help would be
greatly appreciated
I'm running samba 3.0.9 on redhat 9
stock ldap server that comes with redhat
2015 Oct 08
2
Changing User password from ssh member server
Hi Rowland,
This is a CentOS 6.7 server.
I was able to make some progress. I have edited /etc/pam.d/system-auth, and
now it looks like:
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so
account
2013 Feb 20
3
LDAP users/groups not showing up with nis, pam, & ldap
I am trying to configure NIS, PAM, & LDAP on a CentOS 6.2 host. I've
previously installed a similar configuration on RHEL4, but CentOS now
uses nss-pam-ldapd and nslcd instead of nss_ldap, so the configurations
are a little different.
Currently, local users and groups are showing up but not LDAP users.
When I do a /getent passwd/ and/getent group/ I don't get LDAP users.
When I do
2015 Oct 08
2
Changing User password from ssh member server
I have removed use_auhtok from /etc/pam.d/system-auth and now passwd is
"kind of" working...
I am still able to login with my old password and the new one also. But
only on the linux servers that are authenticating through LDAP.
On my workstation only the old password (the one I was trying to change
through passwd(ssh)) works.
I have noticed that my user now has a userPassword
2013 Feb 15
1
Problem with User and Group Ownership listing
I am installing smb 3.5 on a CentOS 6.2 host using smbldap-tools. I've
previously installed a similar configuration on RHEL4 using smb 3.0 but
CentOS now uses nss-pam-ldapd and nslcd instead of nss_ldap, so the
configurations cannot be moved straight across.
When I do a listing of a share directory that should have user and group
ownership determined by LDAP, I get the uidNumbers and
2004 Oct 23
1
Samba 3 + LDAP on SuSE - how (missing /etc/pam.d/system-auth)
Hello,
I'm trying to configure Samba to work with SuSE 9.1.
I followed The Linux Samba-OpenLDAP Howto (Revision: 1.6 ) from
http://samba.idealx.org/smbldap-howto.en.html - but I'm stuck - in SuSE
there is no /etc/pam.d/system-auth.
Should I just add this file (I doubt it), or put these values into
another files (which ones)?
auth required /lib/security/pam_env.so
auth
2015 May 08
4
ldap host attribute is ignored
>> But instead i get
>> centos: sshd[7929]: pam_unix(sshd:session): session opened for user
>> <username>
>
> "pam_unix" should be an indication that <username> appears in the local
> unix password files. Make sure that it doesn't.
Nope. None of the usernames i tried is in /etc/passwd or /etc/shadow
>
> What do /etc/pam.d/sshd and
2015 Oct 08
1
Changing User password from ssh member server
Yes, it is an AD DC.
The thing is, the only way I know to change the user password is from a
Windows workstation (CTRL+ALT+DEL and go to Change password).
I was trying to achieve the same thing through another Linux server that is
not the AD DC. So I thought that it would be possible for them to change
their AD passwords through "passwd", but it didn't seem to work properly,
because
2015 May 11
2
ldap host attribute is ignored
one more thing: firewalld service and selinux are deactivated.
On 05/11/2015 07:06 PM, Ulrich Hiller wrote:
> Hmmm...., i have made now a complete new install but the problem
> persists: ldap authentication works, but the host attribute is ignored.
>
> I have installed CentOS7 64bit with KDE.
> I did not do any 'yum update' or install of extra packages so far.
>
>
2015 Oct 08
3
Changing User password from ssh member server
Hi,
I am authenticating users on our linux servers using nslcd/pam_ldap.
Authentication is fine, however, it is not possible for the user to change
the password from the server.
Is there a way to make it work ?
[Guilherme at server ~]$ passwd
Changing password for user Guilherme.
passwd: Authentication token manipulation error
Oct 8 14:37:53 server passwd: pam_unix(passwd:chauthtok): user
2015 May 07
2
ldap host attribute is ignored
Thanks a lot for looking over the config.
I am at the topic "user data is available"
id <username>
and
getent passwd
and
ldapsearch -x -b "ou=XXX,o=YYY" uid=<username>
give the correct results
ldapsearch gives also the correct host attribute i have set in the ldap
server.
Regarding the manpage of sssd.conf the lines
access_provider = ldap
ldap_access_order =
2016 Oct 12
2
Replacement pdc samba3 to samba4 nt classic
On 11.10.2016 17:22, Harry Jede via samba wrote:
> Am Dienstag, 11. Oktober 2016 schrieben Sie:
>> On 11.10.2016 13:52, Harry Jede via samba wrote:
>>> On 10:43:49 wrote Gavrilov Aleksey via samba:
>>> Until now, you have destroyed your domain.
>>> Is the ldap directory on localhost in production or is this pc in a
>>> test lab?
>> a copy of the
2015 May 11
3
ldap host attribute is ignored
On 05/09/2015 01:24 PM, Jonathan Billings wrote:
> Is it normal to have pam_unix and pam_sss twice for each each section?
No. See my previous message. I think it's the result of copying
portions of SuSE configurations.
2010 Feb 16
2
pam_mount
Hi all,
I am a bit confused about the usage of pam_mount.
Here is my /etc/pam.d/system-auth:
auth required pam_env.so
auth required pam_mount.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_krb5.so use_first_pass
auth required pam_deny.so
account
2014 Oct 29
1
samba ssh change password Error was: Wrong password
passwd: Authentication token manipulation error
smbpasswd: machine 127.0.0.1 rejected the password change: Error was :
Wrong Password
best regards
[FACILITY/btombul at samba ~]$ passwd
Changing password for user FACILITY/btombul.
Changing password for FACILITY/btombul
(current) NT password:
New password:
Retype new password:
passwd: Authentication token manipulation error
[FACILITY/btombul at
2010 Apr 16
1
offline logon in 3.4.7-58
Having issues adapting our 3.4 configuration that worked very well using idmap rid in 3.3.
It seems like winbind does not cache the credentials despite all of the settings being present. I can set winbind offline via smbcontrol and have it work, but if I reboot the machine (important for my laptops) off the network winbind complains that it can't find the logon server.
When disconnected and
2010 Oct 20
1
Samba 3.5.6 pam problems
Hi,
I've setup Samba 3.5.6 as a member server in a 2003R2 domain with a
single dc, idmapping is by rfc2307 with a tdb backend for builtin
accounts etc, I can list users and groups using wbinfo and I can
create shares and access them from the windows server, files and
folders owned by ad users show the correct user and group names so
mapping appears to be working, I can su to ad accounts but I