Compare your login and ssh pam configs (ssh works, login doesn't). They'll be under /etc/pam.d/.
- chris
Chris Jacobs, Systems Administrator Apollo Group | Apollo Marketing | Aptimus 2001 6th Ave Ste 3200 | Seattle, WA 98121 phone: 206.441.9100 x1245 | mobile: 206.601.3256 | fax: 206.441.9661 email: chris.jacobs@apollogrp.edu
________________________________ From: openldap-technical-bounces+chris.jacobs=apollogrp.edu@OpenLDAP.org To: openldap-technical@openldap.org Sent: Wed Jun 16 14:26:19 2010 Subject: I can't login linux (console) using after configurate openldap
HI,
I have started openldap more Samba but I can't do logon via console on my linux, only access my system using ssh or telnet . When I am on console I put login and password and press "enter" , again show me screen login linux . If change /etc/nsswitch.conf fields passwd , shadow , group for files only, the login work normally , Thre is problem between openldap and pam ?
I paste my /etc/nsswitch.conf
passwd: files ldap shadow: files ldap group: files ldap
#hosts: db files nisplus nis dns hosts: files dns wins
and /etc/pam.d/login
n#%PAM-1.0 auth required pam_securetty.so auth required pam_nologin.so auth sufficient pam_ldap.so auth required pam_unix2.so nullok try_first_pass #set_secrpc account sufficient pam_ldap.so account required pam_unix2.so password required pam_pwcheck.so nullok password required pam_ldap.so use_first_pass use_authtok password required pam_unix2.so nullok use_first_pass use_authtok session required pam_unix2.so none # debug or trace session required pam_limits.so session required pam_env.so session optional pam_mail.so
#auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so #auth include system-auth #account required pam_nologin.so #account include system-auth #password include system-auth # pam_selinux.so close should be the first session rule #session required pam_selinux.so close #session include system-auth #session required pam_loginuid.so #session optional pam_console.so # pam_selinux.so open should only be followed by sessions to be executed in the user context #session required pam_selinux.so open #session optional pam_keyinit.so force revoke
Thanks.
-- Bruno Steven - Administrador de sistemas. LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4 https://www.lpi.org/caf/Xamman/certification
MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100 https://mcp.microsoft.com/authenticate/validatemcp.aspx
P Antes de imprimir pense em sua responsabilidade e comprometimento com o Meio Ambiente. Before printing this message, think about your ecologic responsability and environment commitment.
________________________________ This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.