cannot get ldap to authenticate in 11.2

hi all!

had 11.1 for some time, was working fine. decided to upgrade… long story short - did a fresh install with livecd of the 11.2.

I use an LDAP server for authentication; it's on the LAN. Configuration during install goes through fine: fetch DN, etc. Then after the bootup, authentication error for any user except root.
At the same time the automounter works fine, LDAP requests are going through for hosts (my local hostnames are also on this LDAP server), and I can edit users through YaST when logged on to this box, but alas! Even for “su - user” I get “incorrect password”, whereas if I am root, then “su - user” gets me logged in as user. The password does not go through!

help! I don’t understand what could be wrong. where to dig?

UPD: to whom it may concern, the problem was solved.

It appeared because during the installation LDAP auth was selected from the beginning (right in the first dialogue about the user name), so no passwd file was created.
In nsswitch.conf, nevertheless, the auth type was still “files ldap”, which likely caused the problem.

workaround: in the first dialogue use “passwd” auth, create root password, further during configuration you may specify LDAP as auth and set it up, then it works.

I am also not sure if the live CD install was the problem; the second install I did was from DVD.

TWIMC:

I had the same problem with the live CD and didn’t have the option of installing from the DVD. Had to change /etc/pam.d/common_auth

from:
auth required pam_env.so
auth required pam_unix2.so null_ok

to:
auth required pam_env.so
auth sufficient pam_unix2.so
auth required pam_ldap.so use_first_pass

Not sure it is right but it worked.
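The change described in the post above, as an added example that is not part of the original thread: a small Python check that reads an auth stack as text and lists why a password would never be handed to pam_ldap.so. It judges only the stack text it is given (an assumption: module-specific configuration files are not considered), and the function names are illustrative.

```python
import re

# Constructed inputs: the two auth stacks quoted in the post above.
BEFORE = """\
auth required pam_env.so
auth required pam_unix2.so null_ok
"""
AFTER = """\
auth required pam_env.so
auth sufficient pam_unix2.so
auth required pam_ldap.so use_first_pass
"""

# type, control (simple keyword or [bracketed] form), module, optional arguments
LINE = re.compile(r"^(\S+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

def parse_auth(text):
    """Return (control, module, args) for every auth line, in stack order."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.split("#", 1)[0].strip())
        if m and m.group(1).lstrip("-") == "auth":
            module = m.group(3).rsplit("/", 1)[-1]  # drop any directory prefix
            entries.append((m.group(2), module, m.group(4).split()))
    return entries

def ldap_auth_findings(text):
    """List reasons this stack, read on its own, fails LDAP password logins."""
    stack = parse_auth(text)
    names = [mod for _, mod, _ in stack]
    if "pam_ldap.so" not in names:
        return ["no pam_ldap.so line in the auth stack"]
    findings = []
    idx = names.index("pam_ldap.so")
    earlier_unix = [(c, m) for c, m, _ in stack[:idx] if m.startswith("pam_unix")]
    for control, mod in earlier_unix:
        # A failed required/requisite module fails the whole stack,
        # even if pam_ldap.so succeeds afterwards.
        if control in ("required", "requisite"):
            findings.append(f"{mod} is '{control}' ahead of pam_ldap.so")
    reuse = {"use_first_pass", "try_first_pass"} & set(stack[idx][2])
    if earlier_unix and not reuse:
        findings.append("pam_ldap.so does not reuse the password already entered")
    return findings
```

An empty list for the "to" stack and a single finding for the "from" stack match what the poster observed: name lookups through nsswitch.conf worked, while password checks never reached LDAP.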

Thanks to both of you for the info. I’ll be upgrading a server to 11.2 in a few weeks, and this will come very much in handy. :)