Ldap authentication failure after updates

Questions about applications and software
Forum rules
Before you post please read this

Ldap authentication failure after updates

Postby Harlequin on Wed Feb 06, 2013 2:56 am

Afternoon all,

I've run into a problem which I can't find the root cause of.

For the past 6 years I have had a variety of linux machines authenticating against an ldap server including ubuntu and mint machines. Up until December I had mint 13 machines authenticating fine with not problems. An update to the lib-ldap packages were rolled out at that point and I started being unable to log in with ldap users.

The login screen accepts the user name and password, screen goes blank, and then I am confronted with a popup saying "The system administrator has disabled your account." I have rebuilt the machines from scratch, built a mint 14 box as well and I get the same problem. I have also followed about 6 different ldap client guides.

These are the main 2:
https://help.ubuntu.com/12.04/servergui ... erver.html
https://help.ubuntu.com/community/LDAPC ... entication

/var/log/auth shows.

Feb 6 16:56:12 skye-con-soe login[1300]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=kyem
Feb 6 16:56:12 skye-con-soe login[1300]: pam_unix(login:session): session opened for user kyem by LOGIN(uid=0)
Feb 6 16:56:12 skye-con-soe login[1300]: pam_unix(login:session): session closed for user kyem

I can't understand why I'm getting authentication failures. There have been no other changes except for the update rolling through. I know I could freeze the updates but I prefer to keep the systems updating.

Any help appreciated.

Kye
Harlequin
Level 1
Level 1
 
Posts: 4
Joined: Mon Dec 05, 2011 7:19 am

Linux Mint is funded by ads and donations.
 

Re: Ldap authentication failure after updates

Postby Harlequin on Sun Feb 10, 2013 7:10 pm

Well I have tracked down the problem and I have put together a work around but it's manky and I'm sure it will cause me problems in the future.

Essentially the problem exists with MDM (Mint Display Manager), pam was happy to authenticate against the LDAP server and would actually open the session for the user but MDM didn't like something and so would close the session. No output at all as to why just simply session closed.

As such the work around I have is to replace MDM with ubuntu's LightDM. Following this guide - http://www.webupd8.org/2012/06/how-to-u ... dm-in.html - minus the indicator-session-gtk2 package. Once MDM was replaced login worked perfectly.

If anyone else has a problem hope this helps.
Harlequin
Level 1
Level 1
 
Posts: 4
Joined: Mon Dec 05, 2011 7:19 am


Return to Software & Applications

Who is online

Users browsing this forum: No registered users and 16 guests