Hi,
I have a curious problem where a few (important) users cannot log into the Red Hat Enterprise Server 4 update 4 systems. However, most users (including myself) can log in. These users can log in fine to ldap'd RHES3 Update 6 systems.
The FDS logs indicate a normal fetch of the user's attributes with no errors. The /var/log/secure on Red Hat 4 simply says
sshd[8898]: Failed password for <username> from <hex>...
Yet they can log into other LDAP based systems, including a few other RHE4 systems, that all go back to the same FDS.
I have deleted their accounts and recreated them, which usually fixes strange problems like this, but no luck. Some accounts are old (date back to FDS 7.1) and others are new.
I examined the DS attributes for these users, and the only difference I could find was the "Object class" attribute was missing the "account" value. So, I added it, but to no avail.
I compared /etc/pam.d/system-auth and they are essentially identical between RHES3 and 4 systems.
/var/log/secure also has a "error" Could not get shadow information for <username>" but that happens on all users. It seems to be a soft error, but I would like to get rid of it.
Can anyone give me a clue where to look?
Thanks! Ken
Check if you have pam_tally configured.
Maybe, the user failed it's password and you need to reset the failed login attempts.
Para <fedora-directory-users@redhat.c om> "Ken Marsh" cc kmarsh@gdrs.com Enviado por: Asunto fedora-directory-users-b [Fedora-directory-users] ounces@redhat.com Authentication problems between FDS 1.0.1-4 on RHES 4u4 29/05/2008 02:27 p.m. Clasificación Uso Interno
Por favor, responda a "General discussion list for the Fedora Directory server project." <fedora-directory-users@ redhat.com>
Hi,
I have a curious problem where a few (important) users cannot log into the Red Hat Enterprise Server 4 update 4 systems. However, most users (including myself) can log in. These users can log in fine to ldap'd RHES3 Update 6 systems.
The FDS logs indicate a normal fetch of the user's attributes with no errors. The /var/log/secure on Red Hat 4 simply says
sshd[8898]: Failed password for <username> from <hex>...
Yet they can log into other LDAP based systems, including a few other RHE4 systems, that all go back to the same FDS.
I have deleted their accounts and recreated them, which usually fixes strange problems like this, but no luck. Some accounts are old (date back to FDS 7.1) and others are new.
I examined the DS attributes for these users, and the only difference I could find was the "Object class" attribute was missing the "account" value. So, I added it, but to no avail.
I compared /etc/pam.d/system-auth and they are essentially identical between RHES3 and 4 systems.
/var/log/secure also has a "error" Could not get shadow information for <username>" but that happens on all users. It seems to be a soft error, but I would like to get rid of it.
Can anyone give me a clue where to look?
Thanks! Ken
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
======================================================================================== AVISO LEGAL: Esta información es privada y confidencial y está dirigida únicamente a su destinatario. Si usted no es el destinatario original de este mensaje y por este medio pudo acceder a dicha información por favor elimine el mensaje. La distribución o copia de este mensaje está estrictamente prohibida. Esta comunicación es sólo para propósitos de información y no debe ser considerada como propuesta, aceptación ni como una declaración de voluntad oficial de NUCLEO S.A. La transmisión de e-mails no garantiza que el correo electrónico sea seguro o libre de error. Por consiguiente, no manifestamos que esta información sea completa o precisa. Toda información está sujeta a alterarse sin previo aviso.
This information is private and confidential and intended for the recipient only. If you are not the intended recipient of this message you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited. This communication is for information purposes only and shall not be regarded neither as a proposal, acceptance nor as a statement of will or official statement from NUCLEO S.A. . Email transmission cannot be guaranteed to be secure or error-free. Therefore, we do not represent that this information is complete or accurate and it should not be relied upon as such. All information is subject to change without notice.
389-users@lists.fedoraproject.org