Re: OpenSSH public key problem with Solaris 10 and LDAP users?
This is a discussion on Re: OpenSSH public key problem with Solaris 10 and LDAP users? within the OpenSSH Development forums, part of the Networking and Network Related category; Since you are using Solaris, and the problem is with old users, added with the PADL MigrationTools, vs new users, ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-16-2007
|
|||
|
|||
Re: OpenSSH public key problem with Solaris 10 and LDAP users?
Since you are using Solaris, and the problem is with old users, added with
the PADL MigrationTools, vs new users, this might be a userPassword attribute issue in LDAP. The PADL will add the old password to LDAP using the string: {crypt}crypted-password where crypted-password was copied from /etc/shadow or NIS. If you used some other tool to add new users to ldap with a userPassword (or no userPasswrod) it might be adding a value which the Solaris pam considers to be a locked account. So look at how you added the new users to ldap. Test as *root* with: ldaplist -l username It should have a line with userPassword: {crypt}crypted-password If its not{crypt}something then try changing it to use {crypt} the getpw.c program I sent yesterday should return (assuming the username is not also in the local /etc/passwd file): useranme:x:... username:crypted-password:... -- Douglas E. Engert <DEEngert@anl.gov> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org https://lists.mindrot.org/mailman/li...enssh-unix-dev 
|
Linear Mode
