Hi,
I'm new to LDAP. I just created a new user in LDAP and it cannot log in through ssh. It keeps prompting for the password. Any help will be greatly appreciated.
# dude12, people, wh.local
dn: uid=dude12,ou=people,dc=wh,dc=local
uid: dude12
cn: Johnny Appleseed
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e1NTSEF9K2E0YXVTWlYwckMwRUhsVWlNVzBrS2U3MzA1a1JrOVI=
shadowLastChange: 15140
shadowMax: 99999
shadowWarning: 7
uidNumber: 1212
gidNumber: 1212
homeDirectory: /home/dude12
loginShell: /bin/bash
# dude12, group, wh.local
dn: cn=dude12,ou=group,dc=wh,dc=local
objectClass: posixGroup
objectClass: top
cn: dude12
gidNumber: 1212
userPassword:: e0NSWVBUfXg=
# search result
search: 2
result: 0 Success
# numResponses: 220
# numEntries: 219
###############################
When I created the user, the logs indicated:
###############################
Mar 5 13:53:18 rodster slapd[2678]: => bdb_dn2id("uid=dude12,ou=people,dc=wh,dc=local")
Mar 5 13:53:18 rodster slapd[2678]: <= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30988)
Mar 5 13:53:18 rodster slapd[2678]: => bdb_dn2id_add 0x628: "uid=dude12,ou=people,dc=wh,dc=local"
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 %ou=people,dc=wh,dc=local
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 @ou=people,dc=wh,dc=local
Mar 5 13:53:18 rodster slapd[2678]: <= bdb_dn2id_add 0x628: 0
Mar 5 13:53:18 rodster slapd[2678]: => index_entry_add( 1576, "uid=dude12,ou=people,dc=wh,dc=local" )
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [7c477315]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [1fd53424]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [02537054]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [53430dd1]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [5aef1f7f]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [acefc46f]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [caca4579]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [c37ad51a]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [9b3bdeb2]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [39ebd2f9]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:53:18 rodster slapd[2678]: bdb_idl_insert_key: 628 [d7851707]
Mar 5 13:53:18 rodster slapd[2678]: <= key_change 0
Mar 5 13:53:18 rodster slapd[2678]: => key_change(ADD,628)
Mar 5 13:54:51 rodster slapd[2678]: connection_get(24)
Mar 5 13:54:51 rodster slapd[2678]: connection_get(24): got connid=1903
Mar 5 13:54:51 rodster slapd[2678]: connection_read(24): checking for input on id=1903
Mar 5 13:54:51 rodster slapd[2678]: ber_get_next on fd 24 failed errno=0 (Success)
Mar 5 13:54:51 rodster slapd[2678]: connection_close: conn=1903 sd=24
#######################################
When I try to ssh as the user, the logs indicate:
#######################################
Mar 5 14:14:30 rodster slapd[2678]: slap_listener_activate(7):
Mar 5 14:14:30 rodster slapd[2678]: >>> slap_listener(ldap:///)
Mar 5 14:14:30 rodster slapd[2678]: connection_get(17)
Mar 5 14:14:30 rodster slapd[2678]: connection_get(17): got connid=1910
Mar 5 14:14:30 rodster slapd[2678]: connection_read(17): checking for input on id=1910
Mar 5 14:14:30 rodster slapd[2678]: op tag 0x60, time 1362510870
Mar 5 14:14:30 rodster slapd[2678]: conn=1910 op=0 do_bind
Mar 5 14:14:30 rodster slapd[2678]: >>> dnPrettyNormal: <>
Mar 5 14:14:30 rodster slapd[2678]: <<< dnPrettyNormal: <>, <>
Mar 5 14:14:30 rodster slapd[2678]: do_bind: version=3 dn="" method=128
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: conn=1910 op=0 p=3
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: err=0 matched="" text=""
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_response: msgid=1 tag=97 err=0
Mar 5 14:14:30 rodster slapd[2678]: do_bind: v3 anonymous bind
Mar 5 14:14:30 rodster slapd[2678]: connection_get(17)
Mar 5 14:14:30 rodster slapd[2678]: connection_get(17): got connid=1910
Mar 5 14:14:30 rodster slapd[2678]: connection_read(17): checking for input on id=1910
Mar 5 14:14:30 rodster slapd[2678]: op tag 0x63, time 1362510870
Mar 5 14:14:30 rodster slapd[2678]: conn=1910 op=1 do_search
Mar 5 14:14:30 rodster slapd[2678]: >>> dnPrettyNormal: <dc=wh,dc=local>
Mar 5 14:14:30 rodster slapd[2678]: <<< dnPrettyNormal: <dc=wh,dc=local>, <dc=wh,dc=local>
Mar 5 14:14:30 rodster slapd[2678]: SRCH "dc=wh,dc=local" 2 0
Mar 5 14:14:30 rodster slapd[2678]: 1 0 0
Mar 5 14:14:30 rodster slapd[2678]: filter: (uid=dude12)
Mar 5 14:14:30 rodster slapd[2678]: attrs:
Mar 5 14:14:30 rodster slapd[2678]: host
Mar 5 14:14:30 rodster slapd[2678]: authorizedService
Mar 5 14:14:30 rodster slapd[2678]: shadowExpire
Mar 5 14:14:30 rodster slapd[2678]: shadowFlag
Mar 5 14:14:30 rodster slapd[2678]: shadowInactive
Mar 5 14:14:30 rodster slapd[2678]: shadowLastChange
Mar 5 14:14:30 rodster slapd[2678]: shadowMax
Mar 5 14:14:30 rodster slapd[2678]: shadowMin
Mar 5 14:14:30 rodster slapd[2678]: shadowWarning
Mar 5 14:14:30 rodster slapd[2678]: uidNumber
Mar 5 14:14:30 rodster slapd[2678]:
Mar 5 14:14:30 rodster slapd[2678]: ==> limits_get: conn=1910 op=1 self="[anonymous]" this="dc=wh,dc=local"
Mar 5 14:14:30 rodster slapd[2678]: => bdb_search
Mar 5 14:14:30 rodster slapd[2678]: bdb_dn2entry("dc=wh,dc=local")
Mar 5 14:14:30 rodster slapd[2678]: search_candidates: base="dc=wh,dc=local" (0x00000001) scope=2
Mar 5 14:14:30 rodster slapd[2678]: => bdb_dn2idl("dc=wh,dc=local")
Mar 5 14:14:30 rodster slapd[2678]: => bdb_equality_candidates (objectClass)
Mar 5 14:14:30 rodster slapd[2678]: => key_read
Mar 5 14:14:30 rodster slapd[2678]: bdb_idl_fetch_key: [b49d1940]
Mar 5 14:14:30 rodster slapd[2678]: <= bdb_index_read: failed (-30988)
Mar 5 14:14:30 rodster slapd[2678]: <= bdb_equality_candidates: id=0, first=0, last=0
Mar 5 14:14:30 rodster slapd[2678]: => bdb_equality_candidates (uid)
Mar 5 14:14:30 rodster slapd[2678]: => key_read
Mar 5 14:14:30 rodster slapd[2678]: bdb_idl_fetch_key: [7c477315]
Mar 5 14:14:30 rodster slapd[2678]: <= bdb_index_read 1 candidates
Mar 5 14:14:30 rodster slapd[2678]: <= bdb_equality_candidates: id=1, first=1578, last=1578
Mar 5 14:14:30 rodster slapd[2678]: bdb_search_candidates: id=1 first=1578 last=1578
Mar 5 14:14:30 rodster slapd[2678]: => send_search_entry: conn 1910 dn="uid=dude12,ou=people,dc=wh,dc=local"
Mar 5 14:14:30 rodster slapd[2678]: <= send_search_entry: conn 1910 exit.
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: conn=1910 op=1 p=3
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: err=0 matched="" text=""
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_response: msgid=2 tag=101 err=0
Mar 5 14:14:30 rodster slapd[2678]: connection_get(17)
Mar 5 14:14:30 rodster slapd[2678]: connection_get(17): got connid=1910
Mar 5 14:14:30 rodster slapd[2678]: connection_read(17): checking for input on id=1910
Mar 5 14:14:30 rodster slapd[2678]: op tag 0x60, time 1362510870
Mar 5 14:14:30 rodster slapd[2678]: conn=1910 op=2 do_bind
Mar 5 14:14:30 rodster slapd[2678]: >>> dnPrettyNormal: <uid=dude12,ou=people,dc=wh,dc=local>
Mar 5 14:14:30 rodster slapd[2678]: <<< dnPrettyNormal: <uid=dude12,ou=people,dc=wh,dc=local>, <uid=dude12,ou=people,dc=wh,dc=local>
Mar 5 14:14:30 rodster slapd[2678]: do_bind: version=3 dn="uid=dude12,ou=people,dc=wh,dc=local" method=128
Mar 5 14:14:30 rodster slapd[2678]: ==> bdb_bind: dn: uid=dude12,ou=people,dc=wh,dc=local
Mar 5 14:14:30 rodster slapd[2678]: bdb_dn2entry("uid=dude12,ou=people,dc=wh,dc=local")
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: conn=1910 op=2 p=3
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: err=49 matched="" text=""
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_response: msgid=3 tag=97 err=49
Mar 5 14:14:30 rodster slapd[2678]: connection_get(17)
Mar 5 14:14:30 rodster slapd[2678]: connection_get(17): got connid=1910
Mar 5 14:14:30 rodster slapd[2678]: connection_read(17): checking for input on id=1910
Mar 5 14:14:30 rodster slapd[2678]: op tag 0x60, time 1362510870
Mar 5 14:14:30 rodster slapd[2678]: conn=1910 op=3 do_bind
Mar 5 14:14:30 rodster slapd[2678]: >>> dnPrettyNormal: <>
Mar 5 14:14:30 rodster slapd[2678]: <<< dnPrettyNormal: <>, <>
Mar 5 14:14:30 rodster slapd[2678]: do_bind: version=3 dn="" method=128
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: conn=1910 op=3 p=3
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: err=0 matched="" text=""
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_response: msgid=4 tag=97 err=0
Mar 5 14:14:30 rodster slapd[2678]: do_bind: v3 anonymous bind
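The ldapsearch output above returns the userPassword attribute of both entries base64-encoded (the "::" in LDIF). The following is an added example, not code from the thread or from OpenLDAP: it decodes those two values, reports the password scheme and whether the payload has the shape that scheme requires, and shows how an {SSHA} value is generated and verified, so that an admin can confirm offline that a hash they set themselves is well-formed. The two base64 strings are the ones posted above; the password used in the round-trip check is a constructed example, not the password behind the posted hash.

```python
import base64
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

# The two userPassword:: values from the ldapsearch output quoted above.
# A double colon in LDIF means the value is base64-encoded.
USER_PW_B64 = "e1NTSEF9K2E0YXVTWlYwckMwRUhsVWlNVzBrS2U3MzA1a1JrOVI="
GROUP_PW_B64 = "e0NSWVBUfXg="

SHA1_LEN = 20


def decode_ldif_value(b64: str) -> str:
    """Decode a base64 LDIF attribute value to text."""
    return base64.b64decode(b64).decode("utf-8")


def split_scheme(value: str) -> Tuple[Optional[str], str]:
    """Split an RFC 2307 '{SCHEME}payload' userPassword into (scheme, payload).
    A value with no {SCHEME} prefix is compared by slapd as cleartext."""
    if value.startswith("{") and "}" in value:
        end = value.index("}")
        return value[1:end].upper(), value[end + 1:]
    return None, value


def inspect(value: str) -> Dict[str, object]:
    """Report the scheme and whether the payload has the shape that scheme requires."""
    scheme, payload = split_scheme(value)
    if scheme == "SSHA":
        raw = base64.b64decode(payload)
        # SSHA = base64(sha1(password + salt) + salt); bytes beyond the 20-byte digest are salt
        return {"scheme": scheme, "salt_len": len(raw) - SHA1_LEN,
                "well_formed": len(raw) > SHA1_LEN}
    if scheme == "CRYPT":
        # Heuristic: no crypt(3) output is shorter than the 13-character traditional form,
        # so a value such as 'x' (the /etc/passwd placeholder) can never match a password.
        return {"scheme": scheme, "well_formed": len(payload) >= 13}
    if scheme is None:
        return {"scheme": None, "well_formed": True}   # cleartext comparison
    return {"scheme": scheme, "well_formed": None}     # scheme this check does not model


def make_ssha(password: str, salt: Optional[bytes] = None) -> str:
    """Produce a {SSHA} value the way slappasswd -h {SSHA} does (4-byte random salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(value: str, password: str) -> bool:
    """True if password matches the given {SSHA} value (constant-time digest compare)."""
    scheme, payload = split_scheme(value)
    if scheme != "SSHA":
        return False
    raw = base64.b64decode(payload)
    digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    expected = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(expected, digest)


if __name__ == "__main__":
    for label, b64 in (("user", USER_PW_B64), ("group", GROUP_PW_B64)):
        value = decode_ldif_value(b64)
        print(label, value, inspect(value))
    # Round-trip check on a constructed password (not the password behind the posted hash)
    h = make_ssha("example-only")
    print(h, check_ssha(h, "example-only"), check_ssha(h, "not-it"))
```

The user entry decodes to a {SSHA} value with a 20-byte digest and a 4-byte salt, which is exactly what slappasswd produces, so the stored value is at least well-formed; the group entry holds {CRYPT}x, which is a placeholder rather than a crypt hash (a posixGroup password is not used for ssh login anyway). One caveat for whoever ran that ldapsearch: if the bind that produced this output was anonymous or an ordinary user, slapd's ACL is letting userPassword be read, and the usual rule is "access to attrs=userPassword by self write by anonymous auth by * none".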
On 05/03/13 19:16, Rodney Simioni wrote:
Hi,
I'm new to LDAP. I just created a new user in LDAP and it cannot log in through ssh. It keeps prompting for the password. Any help will be greatly appreciated.
Hi Rodney,
There are a million ways ssh auth can fail - bad sshd_config, bad PAM config, bad LDAP client config, LDAP server side problem.
Best to try to test the LDAP authentication first.
Can you try something like (on one line):
ldapwhoami -H ldap://your.ldap.server -x -W -D uid=dude12,ou=people,dc=wh,dc=local
Enter the password when prompted and if it replies with
dn:uid=dude12,ou=people,dc=wh,dc=local
Then that bit works...
Then see if
getent passwd
on the client returns a list of users with dude12 in.
Then post your pam configs and pam_ldap.conf and libnss_ldap.conf (or equivalent according to distro).
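The slapd trace Rodney posted already contains the result of the bind test Tim suggests: with debugging on, slapd logs each operation's DN or filter and its resultCode. The following is an added example, not code from the thread or from OpenLDAP: a small parser that groups those trace lines by connection and operation, and names the resultCode (49 is invalidCredentials in RFC 4511). The sample input is the conn=1910 portion of the trace above, trimmed to the lines the parser uses; the regular expressions are written against that trace format and are an assumption for other slapd log levels.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample: the lines of the slapd trace posted above for conn=1910,
# trimmed to the ones this parser uses.
SAMPLE_TRACE = """\
Mar 5 14:14:30 rodster slapd[2678]: conn=1910 op=0 do_bind
Mar 5 14:14:30 rodster slapd[2678]: do_bind: version=3 dn="" method=128
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: conn=1910 op=0 p=3
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: err=0 matched="" text=""
Mar 5 14:14:30 rodster slapd[2678]: conn=1910 op=1 do_search
Mar 5 14:14:30 rodster slapd[2678]: SRCH "dc=wh,dc=local" 2 0
Mar 5 14:14:30 rodster slapd[2678]: filter: (uid=dude12)
Mar 5 14:14:30 rodster slapd[2678]: => send_search_entry: conn 1910 dn="uid=dude12,ou=people,dc=wh,dc=local"
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: conn=1910 op=1 p=3
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: err=0 matched="" text=""
Mar 5 14:14:30 rodster slapd[2678]: conn=1910 op=2 do_bind
Mar 5 14:14:30 rodster slapd[2678]: do_bind: version=3 dn="uid=dude12,ou=people,dc=wh,dc=local" method=128
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: conn=1910 op=2 p=3
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: err=49 matched="" text=""
Mar 5 14:14:30 rodster slapd[2678]: conn=1910 op=3 do_bind
Mar 5 14:14:30 rodster slapd[2678]: do_bind: version=3 dn="" method=128
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: conn=1910 op=3 p=3
Mar 5 14:14:30 rodster slapd[2678]: send_ldap_result: err=0 matched="" text=""
"""

# LDAP resultCode values (RFC 4511) that matter when reading a login trace.
RESULT_CODES = {0: "success", 32: "noSuchObject", 48: "inappropriateAuthentication",
                49: "invalidCredentials", 50: "insufficientAccessRights"}


@dataclass
class Op:
    conn: int
    op: int
    kind: str                    # "bind" or "search"
    dn: str = ""                 # bind DN (empty = anonymous) or search base
    filter: str = ""             # search filter
    entries: int = 0             # entries a search returned
    err: Optional[int] = None    # resultCode; None if no result was logged

    def describe(self) -> str:
        code = RESULT_CODES.get(self.err, str(self.err))
        if self.kind == "bind":
            return f"conn={self.conn} op={self.op} bind as {self.dn or '<anonymous>'}: {code}"
        return (f"conn={self.conn} op={self.op} search base={self.dn} "
                f"filter={self.filter}: {self.entries} entries, {code}")


OP_START = re.compile(r"conn=(\d+) op=(\d+) do_(bind|search)$")
BIND_DN = re.compile(r'do_bind: version=\d+ dn="([^"]*)"')
SRCH_BASE = re.compile(r'SRCH "([^"]*)"')
FILTER = re.compile(r"filter: (\S+)$")
ENTRY = re.compile(r"send_search_entry: conn \d+ dn=")
RESULT_OP = re.compile(r"send_ldap_result: conn=(\d+) op=(\d+)")
RESULT_ERR = re.compile(r"send_ldap_result: err=(\d+)")


def parse_trace(text: str) -> List[Op]:
    """Group slapd trace lines into operations with their DN/filter and resultCode."""
    ops: Dict[Tuple[int, int], Op] = {}
    current: Optional[Op] = None                # op whose detail lines follow
    pending: Optional[Tuple[int, int]] = None   # op whose err= line follows
    for raw in text.splitlines():
        msg = raw.split("]: ", 1)[-1].strip()   # drop the syslog prefix
        m = OP_START.search(msg)
        if m:
            current = Op(int(m[1]), int(m[2]), m[3])
            ops[(current.conn, current.op)] = current
            continue
        m = RESULT_OP.search(msg)
        if m:
            pending = (int(m[1]), int(m[2]))
            continue
        m = RESULT_ERR.search(msg)
        if m and pending in ops:
            ops[pending].err = int(m[1])
            pending = None
            continue
        if current is None:
            continue
        if (m := BIND_DN.search(msg)):
            current.dn = m[1]
        elif (m := SRCH_BASE.search(msg)):
            current.dn = m[1]
        elif (m := FILTER.search(msg)):
            current.filter = m[1]
        elif ENTRY.search(msg):
            current.entries += 1
    return list(ops.values())


def failed_binds(ops: List[Op]) -> List[Op]:
    """Binds that completed with a non-zero resultCode."""
    return [o for o in ops if o.kind == "bind" and o.err not in (None, 0)]


if __name__ == "__main__":
    parsed = parse_trace(SAMPLE_TRACE)
    for o in parsed:
        print(o.describe())
    for o in failed_binds(parsed):
        print("FAILED BIND:", o.describe())
```

Run against the trace above, the output is the usual pam_ldap sequence: an anonymous bind, a search with filter (uid=dude12) that returns one entry, and then a bind as uid=dude12,ou=people,dc=wh,dc=local that ends with err=49. The entry lookup therefore works and the password bind is what slapd rejects, which is the same thing the ldapwhoami test above would show from the client side; a parser like this is also a reasonable basis for alerting on repeated err=49 results from one connection.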
Hi Tim/Rodney,
I have a question related to Rodney's question. Hope that you or someone can help; it is greatly appreciated. I tried to configure PAM for rlogin from the client machine, which I expect to authenticate user credentials on the LDAP server. It always fails. I haven't configured security for SASL/TLS between the client and server LDAP. Do I need to configure SASL/TLS in order for PAM to work?
Regards, Joe
Two Solaris 10 machines (SunFire T2000) are set up to be LDAP client and server. Installed packages, downloaded from SunFreeWare.com:
openldap-2.4.32-sol10-sparc-local.gz
db-4.7.25.NC-sol10-sparc-local.gz
gcc-3.3.2-sol10-sparc-local.gz
libgcc-3.3-sol10-sparc-local.gz
libtool-2.4.2-sol10-sparc-local.gz
openssl-1.0.1c-sol10-sparc-local.gz
sasl-2.1.25-sol10-sparc-local.gz
From the LDAP client, I am able to add users to the LDAP server, and ldapwhoami execution is also successful.
apggd04dev# ldapwhoami -H ldap://apggd06dev.pg.dtveng.net -x -W -D uid=jkly,ou=users,dc=pg,dc=dtveng,dc=net
Enter LDAP Password:
dn:uid=jkly,ou=users,dc=pg,dc=dtveng,dc=net
Configuration changes:
- /etc/pam.conf:
#
# rlogin service (explicit because of pam_rhost_auth)
#
rlogin auth sufficient pam_rhosts_auth.so.1
rlogin auth requisite pam_authtok_get.so.1
rlogin auth required pam_dhkeys.so.1
rlogin auth required pam_unix_cred.so.1
rlogin auth binding pam_unix_auth.so.1
rlogin auth required pam_ldap.so.1 debug
- /etc/nsswitch.conf:
passwd: files ldap
group: files ldap
shadow: files ldap
Errors from /var/log/pamlog:
Mar 5 08:56:15 apggd04dev login: [ID 884769 auth.debug] PAM[3257]: pam_set_item(296b0:user)
Mar 5 08:56:20 apggd04dev login: [ID 884769 auth.debug] PAM[3257]: pam_set_item(296b0:authtok)
Mar 5 08:56:20 apggd04dev last message repeated 1 time
Mar 5 08:56:20 apggd04dev login: [ID 110225 auth.debug] PAM[3257]: pam_authenticate(296b0, 0): error No account present for user
Mar 5 08:56:20 apggd04dev login: [ID 219349 auth.debug] pam_unix_auth: user jkly not found
Mar 5 08:56:20 apggd04dev login: [ID 110225 auth.debug] PAM[3257]: pam_authenticate(296b0, 0): error No account present for user
Mar 5 08:56:20 apggd04dev login: [ID 285619 auth.debug] ldap pam_sm_authenticate(rlogin jkly), flags = 0
Mar 5 08:56:20 apggd04dev login: [ID 293258 auth.warning] libsldap: Status: 2 Mesg: Unable to load configuration '/var/ldap/ldap_client_file' ('').
Mar 5 08:56:20 apggd04dev login: [ID 110225 auth.debug] PAM[3257]: pam_authenticate(296b0, 0): error Error in underlying service module
Mar 5 08:56:20 apggd04dev login: [ID 884769 auth.debug] PAM[3257]: pam_set_item(296b0:authtok)
Mar 5 08:56:24 apggd04dev login: [ID 884769 auth.debug] PAM[3257]: pam_set_item(296b0:user)
Mar 5 08:56:24 apggd04dev login: [ID 884769 auth.debug] PAM[3257]: pam_set_item(296b0:ruser)
Mar 5 08:56:24 apggd04dev login: [ID 884769 auth.debug] PAM[3257]: pam_set_item(296b0:user_prompt)
Mar 5 08:56:24 apggd04dev login: [ID 601877 auth.debug] PAM[3257]: pam_authenticate(296b0, 0)
Mar 5 08:56:24 apggd04dev login: [ID 407395 auth.debug] PAM[3257]: load_modules(296b0, pam_sm_authenticate)=/usr/lib/security/pam_rhosts_auth.so.1
Mar 5 08:56:24 apggd04dev login: [ID 110225 auth.debug] PAM[3257]: pam_authenticate(296b0, 0): error No account present for user
Mar 5 08:56:24 apggd04dev login: [ID 386855 auth.debug] PAM[3257]: pam_get_user(296b0, 0, NULL)
________________________________
From: Tim Watts tw@dionic.net
To: openldap-technical@openldap.org
Sent: Tuesday, March 5, 2013 11:49 AM
Subject: Re: ssh with ldap authentication
-- Tim Watts Personal Blog: http://squiddy.blog.dionic.net/
http://www.sensorly.com/ Crowd mapping of 2G/3G/4G mobile signal coverage
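The pam.conf rlogin stack Joe posted mixes the control flags sufficient, requisite, required and binding, and the interaction between them decides whether a user who exists only in LDAP can ever pass. The following is an added example, not code from the thread or from Solaris: a small simulator of the control-flag semantics documented in Solaris pam.conf(4), run over that exact stack. The per-module outcomes are constructed assumptions; the first scenario is modelled on the "pam_unix_auth: user jkly not found" line in the pamlog above and assumes the LDAP bind itself would succeed.

```python
from typing import Dict, List, Optional, Tuple

# The rlogin auth stack from the /etc/pam.conf posted above, as (control_flag, module).
RLOGIN_AUTH_STACK = [
    ("sufficient", "pam_rhosts_auth.so.1"),
    ("requisite", "pam_authtok_get.so.1"),
    ("required", "pam_dhkeys.so.1"),
    ("required", "pam_unix_cred.so.1"),
    ("binding", "pam_unix_auth.so.1"),
    ("required", "pam_ldap.so.1"),
]

# Per-module outcomes: True = PAM_SUCCESS, False = a failure code, None = PAM_IGNORE.
Outcomes = Dict[str, Optional[bool]]


def evaluate_stack(stack: List[Tuple[str, str]], outcomes: Outcomes) -> Tuple[bool, List[str]]:
    """Walk an auth stack with the Solaris pam.conf(4) control-flag semantics.

    requisite:  failure ends the stack immediately with failure.
    required:   failure is recorded; the stack continues.
    sufficient: success with no earlier required failure ends the stack with success;
                failure is ignored.
    binding:    like sufficient on success; on failure it counts as a required failure.
    optional:   ignored unless it is the only module (not modelled further here).
    Returns (authenticated, trace)."""
    trace: List[str] = []
    required_failed = False
    for flag, module in stack:
        result = outcomes[module]
        if result is None:
            trace.append(f"{module} [{flag}] -> PAM_IGNORE (skipped)")
            continue
        trace.append(f"{module} [{flag}] -> {'success' if result else 'failure'}")
        if flag == "requisite" and not result:
            trace.append("requisite failure: stack stops, authentication fails")
            return False, trace
        if flag == "required" and not result:
            required_failed = True
        if flag in ("sufficient", "binding"):
            if result and not required_failed:
                trace.append(f"{flag} success with no earlier required failure: "
                             "stack stops, authenticated")
                return True, trace
            if not result and flag == "binding":
                required_failed = True
    return (not required_failed), trace


# Scenario 1 (constructed, modelled on the pamlog above): jkly exists only in LDAP,
# so pam_unix_auth reports "user not found"; assume the LDAP bind itself would succeed.
LDAP_ONLY_USER: Outcomes = {
    "pam_rhosts_auth.so.1": False,   # no rhosts trust for this login
    "pam_authtok_get.so.1": True,    # password prompt was answered
    "pam_dhkeys.so.1": True,
    "pam_unix_cred.so.1": True,
    "pam_unix_auth.so.1": False,     # account is not in /etc/passwd or /etc/shadow
    "pam_ldap.so.1": True,           # assumption: the LDAP bind would succeed
}

# Scenario 2: same user, but pam_unix_auth returns PAM_IGNORE for accounts that are
# not held in files (what its documented server_policy option is for).
LDAP_ONLY_USER_IGNORE: Outcomes = {**LDAP_ONLY_USER, "pam_unix_auth.so.1": None}

# Scenario 3: a purely local user who typed the right password.
LOCAL_USER: Outcomes = {**LDAP_ONLY_USER, "pam_unix_auth.so.1": True, "pam_ldap.so.1": False}

if __name__ == "__main__":
    scenarios = (("ldap-only", LDAP_ONLY_USER),
                 ("ldap-only, unix_auth ignores", LDAP_ONLY_USER_IGNORE),
                 ("local user", LOCAL_USER))
    for name, outcomes in scenarios:
        ok, trace = evaluate_stack(RLOGIN_AUTH_STACK, outcomes)
        print(f"== {name}: {'authenticated' if ok else 'DENIED'}")
        for line in trace:
            print("  ", line)
```

The simulation shows the stack as posted denying the LDAP-only user even when pam_ldap succeeds, because a failing binding module counts as a required failure; the local user is authenticated by pam_unix_auth without pam_ldap ever being called. Solaris's pam_unix_auth(5) documents a server_policy option under which the module returns PAM_IGNORE for accounts whose authority is not files, which is what the second scenario models. The simulator does not model the separate libsldap warning in the log: the native Solaris pam_ldap.so.1 reads /var/ldap/ldap_client_file, which ldapclient(1M) writes, and the log says that file could not be loaded.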
On 06/03/13 01:29, Joe Phan wrote:
Hi Tim/Rodney,
I have a question related to Rodney's question. Hope that you or someone can help; it is greatly appreciated. I tried to configure PAM for rlogin from the client machine, which I expect to authenticate user credentials on the LDAP server. It always fails. I haven't configured security for SASL/TLS between the client and server LDAP. Do I need to configure SASL/TLS in order for PAM to work?
Hi,
In short, no - unless you have configured the server to *require* TLS. PAM makes no special requirements except what you configure in /etc/pam.d/ and pam_ldap.conf (or equiv).
The rest of your message will take some thinking - I'll try to have a look later - but I'm not familiar with rlogin.
Cheers
Tim