On Fri, 19 Sep 2008 12:57:46 -0400 "Lynn York" lyork@inetu.net wrote:
Hello,
I am having some issues with authentication with an openldap proxy to AD. When I query the user I am able to get back the userPassword attribute and everything looks to be correct. I can "su username" and it works properly, but when I attempt to "ssh user@localhost" it will not accept the password. The password is stored as {crypt}. I am trying to pin point whether this is a PAM issue or an ldap issue. Any help or suggestions would be greatly appreciated.
Try to tcpdump on the linux before you login and see what is the result of the search. Maybe the search base is wrong or any acl may disallow access etc
Cheers, Pavlos