LDAP Auth for solaris erros logs

From: Prashant Desai (pressy_sun@yahoo.com)
Date: Sat Jan 11 2003 - 18:52:26 EST

• Next message: russell W: "solaris/disk size question"
• Previous message: Gerard Henry: "setting up dhcp client behind cablemodem barricade"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi all

   i have compiled the openldap 1.2.11 on my sun os
5.9 , modified the files /etc/nsswitch.conf &
/etc/pam.conf as directed by the docs but when i try
to authenticate using a user id defined in the ldap i
am getting following error kindly tell me what does
this error means and how can i resolve this

---------------------error -------------------------
Jan 12 05:13:13 suspare login: [ID 293258 auth.error]
libsldap: Status: 2 Mesg:
 Unable to load configuration
'/var/ldap/ldap_client_file' ('').

---------------------error---------------------------

my nsswitch.conf is as follows

bash-2.05# cat nsswitch.conf | more
#
# /etc/nsswitch.dns:
#
# An example file that could be copied over to
/etc/nsswitch.conf; it uses
# DNS for hosts lookups, otherwise it does not use any
other naming servic
#
# "hosts:" and "services:" in this file are used only
if the
# /etc/netconfig file has a "-" for nametoaddr_libs of
"inet" transports.

passwd: files ldap

group: files ldap

# You must also set up the /etc/resolv.conf file for
DNS name
# server lookup. See resolv.conf(4).
hosts: files dns
ipnodes: files
# Uncomment the following line and comment out the
above to resolve
# both IPv4 and IPv6 addresses from the ipnodes
databases. Note that
# IPv4 addresses are searched in all of the ipnodes
databases before
# searching the hosts databases. Before turning this
option on, consult
# the Network Administration Guide for more details on
using IPv6.
#ipnodes: files dns
networks: files
protocols: files
rpc: files
ethers: files
netmasks: files
bootparams: files
publickey: files
# At present there isn't a 'files' backend for
netgroup; the system will
# figure it out pretty quickly, and won't use
netgroups at all.
netgroup: files
automount: files
aliases: files
services: files
sendmailvars: files
printers: user files

auth_attr: files
prof_attr: files
project: files

 my pam.conf is as follows

bash-2.05# cat pam.conf | more
#
#ident "@(#)pam.conf 1.20 02/01/23 SMI"
#
# Copyright 1996-2002 Sun Microsystems, Inc. All
rights reserved.
# Use is subject to license terms.
#
# PAM configuration
#
# Unless explicitly defined, all services use the
modules
# defined in the "other" section.
#
# Modules are defined with relative pathnames, i.e.,
they are
# relative to /usr/lib/security/$ISA. Absolute path
names, as
# present in this file in previous releases are still
acceptable.
#
# Authentication management
#
# login service (explicit because of pam_dial_auth)
#

login auth sufficient
/usr/lib/security/pam_ldap.so.1
login auth required pam_unix.so.1
login account requisite
/usr/lib/security/$ISA/pam_roles.so.1
login account required
/usr/lib/security/$ISA/pam_projects.so.1
login account required
/usr/lib/security/$ISA/pam_unix.so.1

#login auth requisite pam_authtok_get.so.1
#login auth required pam_dhkeys.so.1
#login auth required pam_unix_auth.so.1
#login auth required pam_dial_auth.so.1
#
# rlogin service (explicit because of pam_rhost_auth)
#
rlogin auth sufficient pam_rhosts_auth.so.1
rlogin auth requisite pam_authtok_get.so.1
rlogin auth required pam_dhkeys.so.1
rlogin auth required pam_unix_auth.so.1
#
# rsh service (explicit because of pam_rhost_auth,
# and pam_unix_auth for meaningful pam_setcred)
#
rsh auth sufficient pam_rhosts_auth.so.1
rsh auth required pam_unix_auth.so.1
#
# PPP service (explicit because of pam_dial_auth)
ppp auth requisite pam_authtok_get.so.1
ppp auth required pam_dhkeys.so.1
ppp auth required pam_unix_auth.so.1
ppp auth required pam_dial_auth.so.1
#
# Default definitions for Authentication management
# Used when service name is not explicitly mentioned
for authenctication
#
other auth requisite pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other auth required pam_unix_auth.so.1
#
# passwd command (explicit because of a different
authentication module)
#
passwd auth required pam_passwd_auth.so.1
#
# cron service (explicit because of non-usage of
pam_roles.so.1)
#
cron account required pam_projects.so.1
cron account required pam_unix_account.so.1
#
# Default definition for Account management
# Used when service name is not explicitly mentioned
for account management
#
other account requisite pam_roles.so.1
other account required pam_projects.so.1
other account required pam_unix_account.so.1
#
# Default definition for Session management
# Used when service name is not explicitly mentioned
for session management
#
other session required pam_unix_session.so.1
#
# Default definition for Password management
# Used when service name is not explicitly mentioned
for password management
#
other password required pam_dhkeys.so.1
other password requisite pam_authtok_get.so.1
other password requisite pam_authtok_check.so.1
other password required pam_authtok_store.so.1
#
# Support for Kerberos V5 authentication (uncomment to
use Kerberos)
#
#rlogin auth optional pam_krb5.so.1
try_first_pass
#login auth optional pam_krb5.so.1
try_first_pass
#other auth optional pam_krb5.so.1
try_first_pass
#cron account optional pam_krb5.so.1
#other account optional pam_krb5.so.1

 kindly let me know whats wrong

regards
Prashant
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: russell W: "solaris/disk size question"
• Previous message: Gerard Henry: "setting up dhcp client behind cablemodem barricade"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:34 EDT