Ubuntu
libpam-ldap package

Bug #333460
Comment #7

Comment 7 for bug 333460

Revision history for this message

fidel (fidel-daniels) wrote on 2009-03-07: Re: [Bug 333460] Re: [Hardy][LDAP]client authentication broken

Unfortunately no openldap-auth-config is found. I got openldap-utils
installed, if I look for commands starting with auth, I can find
auth-client-config, authtool and authtool-gtk.
Neither authtool nor authtool-gtk works though:

$ sudo authtool
Traceback (most recent call last):
  File "/usr/bin/authtool", line 306, in <module>
    at = AuthtoolCLI()
  File "/usr/bin/authtool", line 183, in __init__
    self.authtools = Authtools()
  File "/var/lib/python-support/python2.5/AuthTool/authtools.py", line
264, in __init__
    self.method_cfgs[method] = obj(self.cfg)
  File "/usr/share/authtool/auth_methods/kerberos/kerberos.py", line 50,
in __init__
    default_realm = self.db.get('krb5-config/default_realm')
  File "/var/lib/python-support/python2.5/AuthTool/authtools.py", line
192, in get
    return self.db.get(item)
  File "/usr/lib/python2.5/site-packages/debconf.py", line 60, in
<lambda>
    lambda *args, **kw: self.command(command, *args, **kw))
  File "/usr/lib/python2.5/site-packages/debconf.py", line 96, in
command
    raise DebconfError(status, data)
debconf.DebconfError: (10, "krb5-config/default_realm doesn't exist")

$ gksu authtool-gtk
/usr/lib/python2.5/site-packages/apt/__init__.py:18: FutureWarning: apt
API not stable yet warnings.warn("apt API not stable yet",
FutureWarning)
reWarning: apt API not stable yet

I probably need to reinstall this machine... and probably switch to
Intrepid anyway.

Thanks for your help!
Greets
Dave

Am Freitag, den 06.03.2009, 18:42 +0000 schrieb Adam Sommer:
> Ya, it's probably an issue with your PAM configuration. The easiest way
> to configure an Ubuntu client to authenticate using LDAP, is to use
> ldap-auth-config. The Ubuntu Server Guide for Intrepid includes
> instructions, and they should work for Hardy as well:
>
> https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html
> #openldap-auth-config
>
> Before using ldap-auth-client and auth-client-config I would recommend
> making a backup of /etc/pam.d, /etc/nsswitch.conf, and /etc/ldap.conf.
>
> Can you give that a try?
>
> Thanks
>

$ gksu authtool-gtk
/usr/lib/python2.5/site-packages/apt/__init__.py:18: FutureWarning: apt
API not stable yet  warnings.warn("apt API not stable yet",
FutureWarning)
reWarning: apt API not stable yet

I probably need to reinstall this machine... and probably switch to
Intrepid anyway.

Thanks for your help!
Greets
Dave

Am Freitag, den 06.03.2009, 18:42 +0000 schrieb Adam Sommer:
> Ya, it's probably an issue with your PAM configuration.  The easiest way
> to configure an Ubuntu client to authenticate using LDAP, is to use
> ldap-auth-config.  The Ubuntu Server Guide for Intrepid includes
> instructions, and they should work for Hardy as well:
> 
>   https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html
> #openldap-auth-config
> 
> Before using ldap-auth-client and auth-client-config I would recommend
> making a backup of /etc/pam.d, /etc/nsswitch.conf, and /etc/ldap.conf.
> 
> Can you give that a try?
> 
> Thanks
>

Ubuntulibpam-ldap package

Comment 7 for bug 333460

Ubuntu
libpam-ldap package