On Wed, Sep 20, 2006 at 11:50:12PM +0100, Pete Clarke wrote: > Hi there, > > I have a working LDAP environment, running Open Ldap on a Debian Sarge > installation. This is all good - users can log in, change passwords etc. > without a problem. > What doesn't work are users contained in the /etc/passwd file - i.e. I can > log into a system using an LDAP users, but not a local one. > I cannot change the root passord either - I get the following error: > > alderney:/etc/pam.d# passwd > passwd: Authentication information cannot be recovered > > The contents of my pam.d/common-* files are: > > common-account: > account sufficient pam_ldap.so > account required pam_unix.so try_first_pass > > common-auth: > auth sufficient pam_ldap.so > auth required pam_unix.so nullok_secure use_first_pass > > common-password: > password sufficient pam_ldap.so > password required pam_unix.so nullok obscure min=4 max=8 md5 > use_first_pass > > common-session: > session sufficient pam_ldap.so > session required pam_unix.so > > nsswitch.conf: > passwd: files ldap > group: files ldap > shadow: files ldap > hosts: files dns > networks: files > protocols: db files > services: db files > ethers: db files > rpc: db files > netgroup: nis > > I have a user in /etc/passwd that I cannot do anything with. I created it > in the normal way (groupadd/useradd) but if I try to set a password I get: > > alderney:/home/pclarke# passwd cvs-admin > passwd: Authentication information cannot be recovered > > So, LDAP users work fine - login/out, change password etc. but local file > users cannot do anything. I can't even change the root password. > > Any ideas? >
Do the uids of the local users collide with those of the LDAP users? Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
