[Bug 1676977] Re: Login prompt never presented with ldap login and ldapi set with a name.

Andreas Hasenack andreas at canonical.com
Fri Mar 2 14:36:43 UTC 2018 

The ldapi:/// worked just fine, as did ldap:// with an IP or a name. And
I don't have an entry in /etc/hosts for the ldap server, I'm really
using DNS. Reboot works just fine, login prompt, and I can login at the
console (and via ssh) with an ldap user.

I'm sorry but I will need the files I requested in comment #16.

Here are mine:

ubuntu at 04-57:~$ cat /etc/ldap.conf | grep -vE "^(#|$)"
base dc=example,dc=com
uri ldap://xenial-slapd-server.lxd
ldap_version 3
pam_password exop


ubuntu at 04-57:~$ cat /etc/ldap/ldap.conf | grep -vE "^(#|$)"
URI    ldap://xenial-slapd.server.lxd
BASE dc=example,dc=com
TLS_CACERT	/etc/ssl/certs/ca-certificates.crt


I used these ldif files to minimally populate the ldap server:

ubuntu at 04-57:~$ cat base.ldif  usergroup.ldif 
dn: ou=People,dc=example,dc=com
ou: People
objectClass: organizationalUnit

dn: ou=Group,dc=example,dc=com
ou: Group
objectClass: organizationalUnit
dn: uid=testuser1,ou=People,dc=example,dc=com
uid: testuser1
objectClass: inetOrgPerson
objectClass: posixAccount
cn: testuser1
sn: testuser1
givenName: testuser1
mail: testuser1 at example.com
userPassword: testuser1secret
uidNumber: 10001
gidNumber: 10001
loginShell: /bin/bash
homeDirectory: /home/testuser1

dn: cn=testuser1,ou=Group,dc=example,dc=com
cn: testuser1
objectClass: posixGroup
gidNumber: 10001
memberUid: testuser1

dn: cn=ldapusers,ou=Group,dc=example,dc=com
cn: ldapusers
objectClass: posixGroup
gidNumber: 10100
memberUid: testuser1


** Attachment added: "ldaplogin.png"
   https://bugs.launchpad.net/ubuntu/+source/libpam-ldap/+bug/1676977/+attachment/5067121/+files/ldaplogin.png

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1676977

Title:
  Login prompt never presented with ldap login and ldapi set with a
  name.

Status in accountsservice package in Ubuntu:
  New
Status in libpam-ldap package in Ubuntu:
  New
Status in systemd package in Ubuntu:
  New

Bug description:
  I have a ldap login configuration that has worked with several Ubuntu
  versions.

  Unfortunately it doesn't work with 16.10.

  If I left my ldapi setting using a name as I used to, the login prompt
  never appears. If I change the ldapi setting to the IP of the
  authentication server, the login works perfectly.

  The authentication server name resolution works fine on 16.10 (after
  login) and on previous version even during login.

  It seems to me my problem is related to some ordering issue.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.10
  Package: libpam-ldap 184-8.7ubuntu1
  ProcVersionSignature: Ubuntu 4.8.0-44.47-generic 4.8.17
  Uname: Linux 4.8.0-44-generic x86_64
  ApportVersion: 2.20.3-0ubuntu8.2
  Architecture: amd64
  Date: Tue Mar 28 14:33:27 2017
  InstallationDate: Installed on 2017-03-27 (1 days ago)
  InstallationMedia: Xubuntu 16.10 "Yakkety Yak" - Release amd64 (20161012.2)
  SourcePackage: libpam-ldap
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/1676977/+subscriptions

More information about the foundations-bugs mailing list