nss_ldap SSL/TLS problems..
Benjamin Lee
ben at b1c1l1.com
Wed Feb 11 16:20:15 PST 2009
On 02/10/2009 10:08 PM, Arjun Singh wrote:
> Thanks for the advice. I tried to see if I could get nscd to solve anything,
> but it seems to just hide the problem, and not completely. With nscd
> enabled, the first login fails. After that, it's fine..
>
> I get the following in auth.log corresponding with the failed first login
> (with the correct pw):
>
> Feb 10 22:03:23 new-hkn sshd[59371]: nss_ldap: could not search LDAP server
> - Server is unavailable
> Feb 10 22:03:23 new-hkn sshd[59371]: fatal: login_get_lastlog: Cannot find
> account for uid 10000
> Feb 10 22:03:23 new-hkn sshd[59371]: syslogin_perform_logout: logout()
> returned an error
[...]
It appears to be a bug when using nss_ldap with RELENG_7, as I have been
unable to reproduce the issue on machines running 6.2-RELEASE and
6.3-RELEASE, regardless of the version of OpenLDAP. In my environment,
the machines use pam_krb5 for authentication, so the problem is
definitely not related to pam_ldap. Have you filed a problem report?
--
Benjamin Lee
http://www.b1c1l1.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 898 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090212/594948da/signature.pgp
More information about the freebsd-questions
mailing list