error retrieving information about user pam_succeed_if
Cc: "pam-list redhat com"
Pam User Not Known To The Underlying Authentication Module . -----Original Message----- From: Robert Wolf [mailto:r wolf gentoo atlas cz] Sent: quarta-feira, 9 de Abril de 2008 8:44 To: Nuno Manuel Martins Subject: Re: Problem with pam_ldap Hi, it looks like you have not configured NSS
Error: Pam: User Not Known To The Underlying Authentication Module For Illegal User (nss-ldap) to use LDAP server for list of users. Does the command getent passwd myuser find the user "myuser"? If not, then the system does not know anything about this user and does not want to authenticate it. You have to setup both nss-ldap (for system to be able to see LDAP users) and pam-ldap (for PAM to authenticate using LDAP). Regards, Wolf. On Tue, 8 Apr 2008, Nuno Manuel Martins wrote: > > Hello, > pam_succeed_if(sshd:auth): error retrieving information about user winbind > I am currently using OpenLDAP for authentication and seems I'm having some troubles explaining PAM what it should be doing. I get this error when trying to login with an ldap user trough ssh: > > Apr 8 16:38:16 rh01 sshd: debug1: userauth-request for user myuser service ssh-connection method password > Apr 8 16:38:16 rh01 sshd: debug1: attempt 1 failures 1 > Apr 8 16:38:17 rh01 sshd: pam_unix(sshd:auth): check pass; user unknown > Apr 8 16:38:17 rh01 sshd: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=rh01.localdomain > Apr 8 16:38:17 rh01 sshd: pam_succeed_if(sshd:auth): error retrieving information about user myuser > Apr 8 16:38:19 rh01 sshd: debug1: PAM: password authentication failed for an illegal user: User not known to the underlying authentication module > Apr 8 16:38:19 rh01 sshd: Failed password for invalid user myuser from 127.0.0.1 port 42064 ssh2 > > So it seems he just doesn't recognize the user (stored in LDAP directory). I had this working before but then I made some changes to try to make the pam files more readable and now they never got back to working ... :) > > Here is my system-auth file in /etc/pam.d > #%PAM-1.0 > # This file is auto-generated. > # User changes will be destroyed the next time authconfig is run. > auth required pam_env.so > auth sufficient pam
Pam_unix(sshd:auth): Check Pass; User Unknown Ldap Hey all, I'm trying to get down to the bottom pam_sss user not known to the underlying authentication module of a slight mystery we're having. We have a situation where some account stored in pam_winbind could not retrieve user's password LDAP (using openldap) can log into some hosts but not others using their LDAP account information. To demonstrate, I take one of the users who is https://www.redhat.com/archives/pam-list/2008-April/msg00014.html trying to login and verify that he does not have a local account on the target computer: [root@monitor:~] #grep spencer /etc/passwd [root@monitor:~] # [root@monitor:~] #id spencer id: spencer: No such user You have a problem already, the id command should return spencer's account info if everything is configured correctly. But the http://www.openldap.org/lists/openldap-technical/201403/msg00107.html user should have the ability to login via their LDAP account: [root@monitor:~] #getent passwd | grep spencer spencer :*:10002:5000:Spencer Brown :/home/spencer:/bin/bash Assuming your PAM and NSS are configured correctly, this usually indicates that you have NSCD running on your system, and its cache is stale. Do a google search on NSCD problems - it's well established fact that NSCD is broken by design and is unusable. Your nsswitch config shows you're using RedHat's SSSD. SSSD also caches information, and there are also many problems with its caching implementation. Again, SSSD is not recommended. The recommended software is nssov (+pcache if you still want caching). But when I attempt to log into the host using his password (this is a test account and I know the password) I get permission denied: [me@home:~/creds] #ssh email@example.com
Search HCL Search Reviews Search ISOs Go to Page... LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie Too much pam_succeed_if(sshd:auth): error retrieving information about http://www.linuxquestions.org/questions/linux-newbie-8/too-much-pam_succeed_if-sshd-auth-error-retrieving-information-about-user-in-mail-4175560600/ user in mail User Name Remember Me? Password Linux - Newbie This Linux forum is for members that are new to Linux. Just starting out and have a question? If it is not in the man pages or the how-to's this is the place! Notices Welcome to LinuxQuestions.org, a friendly and active Linux Community. You are currently viewing LQ as a guest. By error retrieving joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today! Note that registered members see fewer ads, and ContentLink is completely disabled once you log in. Are you new to LinuxQuestions.org? Visit the following links: Site error retrieving information Howto | Site FAQ | Sitemap | Register Now If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here. Having a problem logging in? Please visit this page to clear all LQ-related cookies. Introduction to Linux - A Hands on Guide This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter. For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own. Click Here to receive this Complete Guide absolutely free. Search this Thread 12-04-2015, 02:04 AM #1 Durai LQ Newbie Registered: May 201