Skip site navigation (1) Skip section navigation (2)

Re: postgresql 7.4.6 and pam_ldap

From: Dick Davies <rasputnik(at)hellooperator(dot)net>
To: PostgreSQL Admin <pgsql-admin(at)postgresql(dot)org>
Subject: Re: postgresql 7.4.6 and pam_ldap
Date: 2005-01-06 09:53:01
Message-ID: 20050106095301.GH12003@lb.tenfour (view raw or flat)
Thread:
Lists: pgsql-admin
* Thomas Leduc <thomas(dot)leduc(at)cerma(dot)archi(dot)fr> [0130 09:30]:
> Le  5 janvier 2005 ? 22:20, G?mes G?za a ?crit :
> 
> $ cat /etc/pam.d/postgresql
> auth            required        /lib/security//pam_ldap.so

Stick a 'debug' after the .so there, see if anything else turns up.

> $ cat pg_hba.conf
> local   all             postgres                        ident sameuser
> local   all             all                             pam
> host    all             all     127.0.0.1/32            pam
> host    all             all     192.168.10.0/24         pam
> 
> $ sed '/^#/d;/^$/d' /etc/ldap.conf 
> host 192.168.10.2
> base ou=Users,dc=cerma,dc=archi,dc=fr
> ssl no
> pam_password md5

can you bind  as the user with these settings? I't's probably morth ensuring
you are looking for the right objectclass too, by explicityl setting in in 
/etc/ldap.conf .

> # tail -f /var/log/postgresql 
> Jan  6 10:14:06 tage postgres[21450]: [1-1] TRACE:  00000: pam_authenticate a ?chou? : Conversation error
> Jan  6 10:14:06 tage postgres[21450]: [1-2] EMPLACEMENT :  CheckPAMAuth, auth.c:712
> Jan  6 10:14:06 tage postgres[21450]: [2-1] FATAL:  28000: PAM authentication ?chou?e pour l'utilisateur "leduc"
> Jan  6 10:14:06 tage postgres[21450]: [2-2] EMPLACEMENT :  auth_failed, auth.c:395
> Jan  6 10:14:06 tage postgres[21450]: [3-1] ERREUR:  08006: Impossible d'envoyer les donn?es du client : Relais bris? (pipe)
> Jan  6 10:14:06 tage postgres[21450]: [3-2] EMPLACEMENT : internal_flush, pqcomm.c:1000
> Jan  6 10:14:09 tage postgres[21451]: [1-1] TRACE:  00000: pam_acct_mgmt a ?chou? : User account has expired
> Jan  6 10:14:09 tage postgres[21451]: [1-2] EMPLACEMENT :  CheckPAMAuth, auth.c:723
> Jan  6 10:14:09 tage postgres[21451]: [2-1] FATAL:  28000: PAM authentication ?chou?e pour l'utilisateur "leduc"
> Jan  6 10:14:09 tage postgres[21451]: [2-2] EMPLACEMENT :  auth_failed, auth.c:395 
> 
> 	=> "User account has expired" seems not to be true !

-- 
'I should have been a plumber.' -- Albert Einstein
Rasputin :: Jack of All Trades - Master of Nuns

In response to

pgsql-admin by date

Next:From: Rupa Schomaker (lists)Date: 2005-01-06 11:10:16
Subject: 7.4 and schema 'maintainance'
Previous:From: Thomas LeducDate: 2005-01-06 09:19:01
Subject: Re: postgresql 7.4.6 and pam_ldap

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group