Hi, folgendes Problem: User soll sich ueber pam_ldap authorisieren. Bis SuSE 6.2 funktioniert das einwandfrei. Ab SuSE 7.0 geht es nicht. Ldap ist OpenLdap 2.0.7, pam_ldap in der version das von SuSE geliefert wird: Folgenden konfiguration: ------------------------ /etc/pam.d/login: ----------------- #%PAM-1.0 auth required /lib/security/pam_securetty.so auth required /lib/security/pam_nologin.so auth sufficient /lib/security/pam_ldap.so auth required /lib/security/pam_unix.so use_first_pass # account sufficient /lib/security/pam_ldap.so account required /lib/security/pam_unix.so # password sufficient /lib/security/pam_ldap.so password required /lib/security/pam_unix.so use_first_pass shadow # session required /lib/security/pam_unix.so ldap.conf: ----------- host 192.168.1.1 base "o=localhost.de" port 386 pam_filter objectClass=posixAccount Alles anderen Einstellungen (slapd.conf usw.) sind auf Default. Hier ein Auszug aus /var/log/messages (zwei verschiedene Rechner, tardis, spunk): SuSE 6.2: ---------- May 27 21:01:51 tardis named[260]: XX+/192.168.1.1/./A/IN May 27 21:01:51 tardis slapd[22534]: daemon: conn=50 fd=19 connection from IP=192.168.1.1:1690 (IP=0.0.0.0:389) accepted. May 27 21:01:51 tardis slapd[22593]: conn=50 op=0 BIND dn="" method=128 May 27 21:01:51 tardis slapd[22593]: conn=50 op=0 RESULT tag=97 err=0 text= May 27 21:01:51 tardis slapd[22594]: conn=50 op=1 SRCH base="o=localhost.de" scope=2 filter="(&(objectClass=posixAccount)(uid=test))" May 27 21:01:51 tardis slapd[22594]: conn=50 op=1 SEARCH RESULT tag=101 err=0 text= May 27 21:01:51 tardis named[260]: XX+/192.168.1.1/./A/IN May 27 21:01:51 tardis slapd[22534]: daemon: conn=51 fd=20 connection from IP=192.168.1.1:1691 (IP=0.0.0.0:389) accepted. May 27 21:01:51 tardis slapd[22593]: conn=51 op=0 BIND dn="" method=128 May 27 21:01:51 tardis slapd[22593]: conn=51 op=0 RESULT tag=97 err=0 text= May 27 21:01:51 tardis slapd[22594]: conn=51 op=1 SRCH base="o=localhost.de" scope=2 filter="(uid=test)" May 27 21:01:51 tardis slapd[22594]: conn=51 op=1 SEARCH RESULT tag=101 err=0 text= May 27 21:01:51 tardis slapd[22593]: conn=51 op=2 UNBIND May 27 21:01:51 tardis slapd[22593]: conn=-1 fd=20 closed May 27 21:01:51 tardis named[260]: XX+/192.168.1.1/./A/IN May 27 21:01:51 tardis slapd[22534]: daemon: conn=52 fd=20 connection from IP=192.168.1.1:1692 (IP=0.0.0.0:389) accepted. May 27 21:01:51 tardis slapd[22594]: conn=52 op=0 BIND dn="UID=TEST,OU=PEOPLE,O=LOCALHOST.DE" method=128 May 27 21:01:51 tardis slapd[22594]: conn=52 op=0 RESULT tag=97 err=0 text= May 27 21:01:51 tardis slapd[22593]: conn=50 op=2 SRCH base="o=LOCALHOST.DE" scope=2 filter="(&(objectClass=posixAccount)(uid=test))" May 27 21:01:51 tardis slapd[22593]: conn=50 op=2 SEARCH RESULT tag=101 err=0 text= May 27 21:01:51 tardis slapd[22594]: conn=50 op=3 SRCH base="o=localhost.de" scope=2 filter="(objectClass=posixGroup)" May 27 21:01:51 tardis slapd[22594]: conn=50 op=3 SEARCH RESULT tag=101D err=0 text= May 27 21:01:51 tardis named[260]: XX+/192.168.1.1/./A/IN May 27 21:01:51 tardis slapd[22534]: daemon: conn=53 fd=21 connection from IP=192.168.1.1:1693 (IP=0.0.0.0:389) accepted. May 27 21:01:51 tardis slapd[22593]: conn=53 op=0 BIND dn="" method=128 May 27 21:01:51 tardis slapd[22593]: conn=53 op=0 RESULT tag=97 err=0 text= May 27 21:01:51 tardis slapd[22594]: conn=53 op=1 SRCH base="o=localhost.de" scope=2 filter="(&(objectClass=posixAccount)(uidNumber=503))" May 27 21:01:51 tardis slapd[22594]: conn=53 op=1 SEARCH RESULT tag=101 err=0 text= SuSE 7.0 ------------ My 27 21:26:29 spunk slapd[4469]: daemon: conn=1 fd=11 connection from IP=127.0.0.2:1134 (IP=:: 389) accepted. May 27 21:26:29 spunk slapd[4470]: conn=1 op=0 BIND dn="CN=ADMIN,O=PC-POOL-INF.DE" method=128 May 27 21:26:29 spunk slapd[4470]: conn=1 op=0 RESULT tag=97 err=0 text= May 27 21:26:29 spunk slapd[4471]: conn=1 op=1 SRCH base="o=pc-pool-inf.de" scope=2 filter="(&(objectClass=posix Account)(uid=test))" May 27 21:26:29 spunk slapd[4471]: conn=1 op=1 SEARCH RESULT tag=101 err=0 text= May 27 21:26:29 spunk slapd[4470]: conn=1 op=2 BIND dn="UID=TEST,OU=PEOPLE,O=PC-POOL-INF.DE" method=128 May 27 21:26:29 spunk slapd[4470]: conn=1 op=2 RESULT tag=97 err=0 text= May 27 21:26:29 spunk slapd[4471]: conn=1 op=3 BIND dn="CN=ADMIN,O=PC-POOL-INF.DE" method=128 May 27 21:26:29 spunk slapd[4471]: conn=1 op=3 RESULT tag=97 err=0 text= May 27 21:26:29 spunk PAM_unix[4472]: (login) session opened for user test by LOGIN(uid=0) May 27 21:26:29 spunk slapd[4469]: conn=-1 fd=11 closed ---------- So, wie gesagt bei SuSE 6.2 geht es bei 7.0 nicht mehr. Hat jemand von Euch das gleiche Problem schon gehabt, oder kann mir da weiterhelfen? Danke und Gruesse Adam -- Machen Sie Ihr Hobby zu Geld bei unserem Partner 1&1! http://profiseller.de/info/index.php3?ac=OM.PS.PS003K00596T0409a -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net