LAB 31.3 LDAP luser1@localhost password not working

LAB 31.3 LDAP luser1@localhost password not working.
As per the manual, the password is "password", but it is not working.

Answers

  • In LAB 31.3, step 8.
    Also, no packets in Wireshark while doing this authentication.

  • luisviveropena Posts: 1,149

    Hi @vikrantchaudhary21,

    1.- What is the OS and version you are working with?
    2.- Is it a local system, a VM or a cloud one?
    3.- Have you installed all the packages in step 1?
    4.- Please provide the content of file /etc/sssd/conf.d/00-sssd.conf .
    5.- Show permissions and owner for file /etc/sssd/conf.d/00-sssd.conf:

    ls -l /etc/sssd/conf.d/00-sssd.conf

    4.- Provide the content of file /etc/pam.d/common-session.
    5.- Do you get any output for 'getent passwd luser1' ?

    Regards,
    Luis.

  • Thanks for your reply. Please find the desired information.

    1.- What is the OS and version you are working with?
    [student@localhost s_31]$ cat /etc/os-release
    NAME="Rocky Linux"
    VERSION="8.7 (Green Obsidian)"
    ID="rocky"
    ID_LIKE="rhel centos fedora"
    VERSION_ID="8.7"
    PLATFORM_ID="platform:el8"
    PRETTY_NAME="Rocky Linux 8.7 (Green Obsidian)"
    ANSI_COLOR="0;32"
    LOGO="fedora-logo-icon"
    CPE_NAME="cpe:/o:rocky:rocky:8:GA"
    HOME_URL="https://rockylinux.org/"
    BUG_REPORT_URL="https://bugs.rockylinux.org/"
    ROCKY_SUPPORT_PRODUCT="Rocky-Linux-8"
    ROCKY_SUPPORT_PRODUCT_VERSION="8.7"
    REDHAT_SUPPORT_PRODUCT="Rocky Linux"
    REDHAT_SUPPORT_PRODUCT_VERSION="8.7"
    [student@localhost s_31]$

    2.- Is it a local system, a VM or a cloud one?
    It's a VM.

    3.- Have you installed all the packages in step 1?
    Yes

    4.- Please provide the content of file /etc/sssd/conf.d/00-sssd.conf .
    [sssd]
    config_file_version =2
    domains = example.com
    services = nss,pam,autofs

    [domain/example.com]
    enumerate = true
    id_provider = ldap
    autofs_provider = ldap
    auth_provider = ldap
    chpass_provider = ldap
    ldap_uri = ldap://192.168.1.35/
    ldap_search_base = dc=example,dc=com
    ldap_id_use_start_tls = true
    cache_credentials = True
    ldap_tls_reqcert =allow

    ldap_tls_reqcert = never

    5.- Show permissions and owner for file /etc/sssd/conf.d/00-sssd.conf:

    ls -l /etc/sssd/conf.d/00-sssd.conf

    [student@localhost s_31]$ sudo ls -l /etc/sssd/conf.d/00-sssd.conf
    -rw-------. 1 root root 378 May 17 10:25 /etc/sssd/conf.d/00-sssd.conf
    [student@localhost s_31]$

    4.- Provide the content of file /etc/pam.d/common-session.
    [student@localhost s_31]$ sudo cat /etc/pam.d/common-session
    cat: /etc/pam.d/common-session: No such file or directory
    [student@localhost s_31]$ cd /etc/pam.d/
    [student@localhost pam.d]$ ll
    total 140
    -rw-r--r--. 1 root root 272 Sep 29 2022 atd
    -rw-r--r--. 1 root root 192 Jan 12 14:57 chfn
    -rw-r--r--. 1 root root 192 Jan 12 14:57 chsh
    -rw-r--r--. 1 root root 728 Sep 12 2022 cockpit
    -rw-r--r--. 1 root root 232 Oct 1 2022 config-util
    -rw-r--r--. 1 root root 322 Oct 1 2022 crond
    -r--r--r--. 1 root root 146 Sep 30 2022 cups
    -rw-r--r--. 1 root root 701 Oct 1 2022 fingerprint-auth
    -rw-r--r--. 1 root root 622 Mar 30 2021 gdm-autologin
    -rw-r--r--. 1 root root 561 Mar 30 2021 gdm-fingerprint
    -rw-r--r--. 1 root root 307 Mar 30 2021 gdm-launch-environment
    -rw-r--r--. 1 root root 787 Mar 30 2021 gdm-password
    -rw-r--r--. 1 root root 800 Mar 30 2021 gdm-pin
    -rw-r--r--. 1 root root 553 Mar 30 2021 gdm-smartcard
    -rw-r--r--. 1 root root 715 Jan 12 14:57 login
    -rw-r--r--. 1 root root 154 Oct 1 2022 other
    -rw-r--r--. 1 root root 168 Apr 20 2022 passwd
    -rw-r--r--. 1 root root 760 Oct 1 2022 password-auth
    -rw-r--r--. 1 root root 155 Apr 13 2022 polkit-1
    -rw-r--r--. 1 root root 398 Oct 1 2022 postlogin
    -rw-r--r--. 1 root root 640 Jan 12 14:57 remote
    -rw-r--r--. 1 root root 143 Jan 12 14:57 runuser
    -rw-r--r--. 1 root root 138 Jan 12 14:57 runuser-l
    -rw-r--r--. 1 root root 743 Oct 1 2022 smartcard-auth
    -rw-r--r--. 1 root root 727 Feb 21 22:21 sshd
    -rw-r--r--. 1 root root 214 Jan 12 14:57 sssd-shadowutils
    -rw-r--r--. 1 root root 566 Jan 12 14:57 su
    -rw-r--r--. 1 root root 154 Jan 23 14:05 sudo
    -rw-r--r--. 1 root root 178 Jan 23 14:05 sudo-i
    -rw-r--r--. 1 root root 137 Jan 12 14:57 su-l
    -rw-r--r--. 1 root root 760 Oct 1 2022 system-auth
    -rw-r--r--. 1 root root 295 Feb 21 22:22 systemd-user
    -rw-r--r--. 1 root root 84 Mar 15 2021 vlock
    -rw-r--r--. 1 root root 159 Nov 8 2022 vmtoolsd
    -rw-r--r--. 1 root root 163 Oct 1 2022 xserver
    [student@localhost pam.d]$

    5.- Do you get any output for 'getent passwd luser1' ?
    yes
    getent passwd luser1
    luser1:*:999001:999001:luser1:/home/users/luser1:

  • Sorry, my mistake; I forgot to add this manually.

    [student@localhost pam.d]$ cat common-session
    session required pam_unix.so
    session optional pam_oddjob_mkhomedir.so
    session optional pam_sss.soi
    [student@localhost pam.d]$

    The issue is still present.

  • One update I want to add: the lab is working on Ubuntu 20.04.

  • luisviveropena Posts: 1,149

    Hi @vikrantchaudhary21, thanks for informing us that the lab worked for you on Ubuntu 20.04. I'm checking on CentOS 8 Stream. I'll let you know as soon as I have news.

    Regards,
    Luis.

  • luisviveropena Posts: 1,149

    Hi @vikrantchaudhary21,

    This lab is guaranteed to work on Ubuntu 20.04 and is optional. What you have learned here is that each Linux distro handles some tools differently and tool configuration for one distro may not work for other distros. Getting LDAP to work on anything else other than Ubuntu 20.04 is up to the student.

    We will make sure to add a note to this lab.

    Many regards,
    Luis.
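
A lint for the two files posted in this thread, added here as an example (it is not lab or forum code): it flags the repeated `ldap_tls_reqcert` key, the `allow`/`never` values that leave the LDAP server certificate unenforced, and any PAM module name that does not end in `.so`. The function names `audit_sssd` and `audit_pam` are hypothetical, and the sample text is constructed, abridged from the posts above.

```python
import re

# Constructed sample input, abridged from the two files posted in this thread.
SSSD_CONF = """\
[domain/example.com]
ldap_uri = ldap://192.168.1.35/
ldap_id_use_start_tls = true
ldap_tls_reqcert =allow

ldap_tls_reqcert = never
"""
PAM_SESSION = """\
session required pam_unix.so
session optional pam_oddjob_mkhomedir.so
session optional pam_sss.soi
"""

def audit_sssd(text):
    """Return findings for duplicate keys and relaxed LDAP TLS settings."""
    findings, section, seen = [], None, {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section, seen = line[1:-1], {}       # new section, reset key tracking
            continue
        key, _, value = (part.strip() for part in line.partition("="))
        if key in seen:                          # same key set twice in one section
            findings.append(f"{section}: duplicate key {key} ({seen[key]!r}, {value!r})")
        seen[key] = value
        if key == "ldap_tls_reqcert" and value.lower() in ("never", "allow"):
            findings.append(f"{section}: {key}={value} does not enforce certificate validation")
    return findings

def audit_pam(text):
    """Return findings for PAM entries whose module name does not end in .so."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        # Collapse a bracketed control such as [success=1 default=ignore] to one field.
        fields = re.sub(r"\[[^\]]*\]", "[ctl]", line.split("#")[0]).split()
        if len(fields) < 3 or fields[0].startswith("@") or fields[1] in ("include", "substack"):
            continue                             # not a "type control module" entry
        if not fields[2].endswith(".so"):
            findings.append(f"line {n}: module {fields[2]!r} does not end in .so")
    return findings

if __name__ == "__main__":
    for finding in audit_sssd(SSSD_CONF) + audit_pam(PAM_SESSION):
        print(finding)
```

On a real host the same functions can be fed the contents of /etc/sssd/conf.d/00-sssd.conf and the PAM file in use, read as root.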
