pam_ldap+openLDAP on a SuSE 6.4 machine
Hello folks! I've been trying to implement PAM user authentication on a SuSE 6.4 machine using pam_ldap. Unfortunately I wasn't very successful. This is what a typical entry in my database looks like:

    dn: o=linux-society
    o: linux-society
    objectclass: top
    objectclass: organization

    dn: ou=editors, o=linux-society
    ou: editors
    objectclass: organizationalUnit

    dn: uid=achtldap, ou=editors, o=linux-society
    objectclass: account
    objectclass: person
    objectclass: posixAccount
    objectclass: shadowAccount
    objectclass: inetOrgPerson
    fullname: Andreas Achtzehn
    givenname: Andreas
    uid: achtldap
    userpassword: test
    shadowlastchange: 10650
    homedirectory:/home/achtzehn
    loginshell: /bin/bash
    cn: Andreas Achtzehn
    sn: Achtzehn
    uidnumber: 500
    gidnumber: 100
    ou: editors

I've overwritten all files in /etc/pam.d with the appropriate files from /usr/doc/packages/pam_ldap/pam.d. This is what my logfile tells me when I try to log in:

    Jan 21 19:26:19 laptop slapd[7093]: slapd starting

I add the entry above to my LDAP...

    Jan 21 19:27:01 laptop slapd[7093]: conn=0 fd=7 connection from localhost (127.0.0.1) accepted.
    Jan 21 19:27:01 laptop slapd[7096]: conn=0 op=0 BIND dn="CN=MANAGER,O=LINUX-SOCIETY" method=128
    Jan 21 19:27:01 laptop slapd[7096]: conn=0 op=0 RESULT err=0 tag=97 nentries=0
    Jan 21 19:27:01 laptop slapd[7097]: conn=0 op=1 ADD dn="O=LINUX-SOCIETY"
    Jan 21 19:27:01 laptop slapd[7097]: next_id_read: could not open "/usr/tmp/NEXTID"
    Jan 21 19:27:01 laptop slapd[7097]: conn=0 op=1 RESULT err=0 tag=105 nentries=0
    Jan 21 19:27:01 laptop slapd[7098]: conn=0 op=2 ADD dn="OU=EDITORS,O=LINUX-SOCIETY"
    Jan 21 19:27:01 laptop slapd[7098]: conn=0 op=2 RESULT err=0 tag=105 nentries=0
    Jan 21 19:27:01 laptop slapd[7099]: conn=0 op=3 ADD dn="UID=ACHTLDAP,OU=EDITORS,O=LINUX-SOCIETY"
    Jan 21 19:27:01 laptop slapd[7093]: conn=0 op=-1 fd=7 closed errno=0
    Jan 21 19:27:01 laptop slapd[7100]: conn=0 op=4 UNBIND

I try to log in using a normal console...

    Jan 21 19:27:01 laptop slapd[7099]: conn=0 op=3 RESULT err=0 tag=105 nentries=0
    Jan 21 19:27:28 laptop slapd[7093]: conn=1 fd=7 connection from localhost (127.0.0.1) accepted.
    Jan 21 19:27:28 laptop slapd[7101]: conn=1 op=0 BIND dn="" method=128
    Jan 21 19:27:28 laptop slapd[7101]: conn=1 op=0 RESULT err=0 tag=97 nentries=0
    Jan 21 19:27:28 laptop slapd[7102]: conn=1 op=1 SRCH base="O=LINUX-SOCIETY" scope=2 filter="(uid=ACHTLDAP)"
    Jan 21 19:27:28 laptop slapd[7093]: conn=2 fd=13 connection from localhost (127.0.0.1) accepted.
    Jan 21 19:27:28 laptop slapd[7093]: conn=1 op=-1 fd=7 closed errno=0
    Jan 21 19:27:28 laptop slapd[7102]: conn=1 op=1 RESULT err=0 tag=101 nentries=1
    Jan 21 19:27:28 laptop slapd[7103]: conn=1 op=2 UNBIND
    Jan 21 19:27:28 laptop slapd[7104]: conn=2 op=0 BIND dn="UID=ACHTLDAP,OU=EDITORS,O=LINUX-SOCIETY" method=128

As it seems, this was successful...

    Jan 21 19:27:28 laptop PAM_unix[7063]: (login) session opened for user achtldap by LOGIN(uid=0)
    Jan 21 19:27:28 laptop slapd[7093]: conn=2 op=-1 fd=13 closed errno=0
    Jan 21 19:27:28 laptop slapd[7104]: conn=2 op=0 RESULT err=0 tag=97 nentries=0

What happens? Nothing... After login the console closes again immediately (without showing a prompt). I'm a bit confused about the entry "LOGIN(uid=0)"; I don't want the user to log in as root! Has anyone had the same problem? I tried desperately to find a man page, HOWTO or anything comparable, but without any luck. There are good papers out there on setting up an OpenLDAP server, but no papers on how to use pam_ldap (even their distributors, padl, do not provide a help page).

So long,
Andreas
Andreas Achtzehn wrote:
> I've been trying to implement PAM user authentication on a SuSE 6.4 machine using pam_ldap. Unfortunately I wasn't very successful. This is what a typical entry in my database looks like
> [..]

Use pam_ldap's mailing list (send a message with 'subscribe pamldap' in the body to majordomo@padl.com). Archives are available at http://lists.padl.com/archive/pamldap/threads.html

-- 
Ørnulf Nielsen