Ldap authentication failure after updates

Questions about applications and software
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
Harlequin

Ldap authentication failure after updates

Post by Harlequin »

Afternoon all,

I've run into a problem which I can't find the root cause of.

For the past 6 years I have had a variety of linux machines authenticating against an ldap server including ubuntu and mint machines. Up until December I had mint 13 machines authenticating fine with not problems. An update to the lib-ldap packages were rolled out at that point and I started being unable to log in with ldap users.

The login screen accepts the user name and password, screen goes blank, and then I am confronted with a popup saying "The system administrator has disabled your account." I have rebuilt the machines from scratch, built a mint 14 box as well and I get the same problem. I have also followed about 6 different ldap client guides.

These are the main 2:
https://help.ubuntu.com/12.04/servergui ... erver.html
https://help.ubuntu.com/community/LDAPC ... entication

/var/log/auth shows.

Feb 6 16:56:12 skye-con-soe login[1300]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=kyem
Feb 6 16:56:12 skye-con-soe login[1300]: pam_unix(login:session): session opened for user kyem by LOGIN(uid=0)
Feb 6 16:56:12 skye-con-soe login[1300]: pam_unix(login:session): session closed for user kyem

I can't understand why I'm getting authentication failures. There have been no other changes except for the update rolling through. I know I could freeze the updates but I prefer to keep the systems updating.

Any help appreciated.

Kye
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Harlequin

Re: Ldap authentication failure after updates

Post by Harlequin »

Well I have tracked down the problem and I have put together a work around but it's manky and I'm sure it will cause me problems in the future.

Essentially the problem exists with MDM (Mint Display Manager), pam was happy to authenticate against the LDAP server and would actually open the session for the user but MDM didn't like something and so would close the session. No output at all as to why just simply session closed.

As such the work around I have is to replace MDM with ubuntu's LightDM. Following this guide - http://www.webupd8.org/2012/06/how-to-u ... dm-in.html - minus the indicator-session-gtk2 package. Once MDM was replaced login worked perfectly.

If anyone else has a problem hope this helps.
Locked

Return to “Software & Applications”