The last configuration is OK... I disable ncsd daemon (cache) and all works fine, now thanks.... Em Ter, 2006-09-26 às 08:35 -0300, rejaine@bhz.jamef.com.br escreveu:
2006-09-26 às 09:50 +0200, Ralf Haferkamp escreveu:
When I try to login using cn like "John_Lennon" , I give this error: login[11170]: User not known to the underlying authentication module Is the user object returned if you search the LDAP Server with ldapsearch and a filter of "(&(objectclass=posixAccount)(cn=John_Lennon))"?
yes, the search works fine:
# ldapsearch -x "(&(objectclass=posixAccount)(cn=Zequinha_Silva))" uid cn
# extended LDIF # # LDAPv3 # base <> with scope sub # filter: (&(objectclass=posixAccount)(cn=Zequinha_Silva)) # requesting: uid cn #
# zsilva, people, xxx,com dn: uid=zsilva,ou=people,dc=xxx,dc=com uid: zsilva cn: Zequinha_Silva
# search result search: 2 result: 0 Success
Just guessing, but you might need to add: nss_map_attribute uid cn to you ldap.conf as well to have this working completely.
I added:
nss_map_attribute uid cn pam_filter objectclass=posixAccount pam_login_attribute cn nss_base_passwd dc=xxx,dc=com nss_base_shadow dc=xxx,dc=com nss_base_group dc=xxx,dc=com
Same error: "User not known to the underlying authentication module"