LDAP Authentication

lucas1

Member

Reaction score: 1
Messages: 80

Good day.

Configured mostly from here https://docs.freebsd.org/en/articles/ldap-auth/article.html for sshd.
Through security/pam_ldap and net/nss_ldap. (not through sssd)


Now when you type username@domain.com and password in console in /var/log/debug.log:
Code:
 sshd[7627]: in pam_get_user(): entering
 sshd[7627]: in pam_get_item(): entering: PAM_USER
 sshd[7627]: in pam_get_item(): returning PAM_SUCCESS
sshd[7627]: in pam_get_user(): returning PAM_SUCCESS
 sshd[7627]: in pam_get_data(): entering: 'PADL-LDAP-SESSION-DATA'
 sshd[7627]: in pam_get_data(): returning PAM_NO_MODULE_DATA
 sshd[7627]: in pam_set_data(): entering: 'PADL-LDAP-SESSION-DATA'
 sshd[7627]: in pam_set_data(): returning PAM_SUCCESS
 sshd[7627]: in pam_get_item(): entering: PAM_AUTHTOK
 sshd[7627]: in pam_get_item(): returning PAM_SUCCESS
 sshd[7627]: in pam_get_item(): entering: PAM_CONV
 sshd[7627]: in pam_get_item(): returning PAM_SUCCESS
 sshd[7627]: in pam_set_item(): entering: PAM_AUTHTOK
 sshd[7627]: in pam_set_item(): returning PAM_SUCCESS
 sshd[7627]: in pam_get_item(): entering: PAM_AUTHTOK
 sshd[7627]: in pam_get_item(): returning PAM_SUCCESS
 sshd[7627]: in openpam_dispatch(): /usr/local/lib/pam_ldap.so: pam_sm_authenticate(): Unknown user
and /var/log/auth.log
Code:
sshd[7627]: Failed password
But password correct.

What do you advise ?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 10,991
Messages: 36,924

Enter the username without the @domain.com part. Your uid in LDAP is set to the username only.
 
OP
L

lucas1

Member

Reaction score: 1
Messages: 80

In general, I decided to use pam_winbind for Windows domain authentication on domain controlers.
Samba doing great.
And with authentication for lightdm also.
 
Top