SSH and ldap stopped working together

This was running fine until recently, where ldap users were able to connect to a server via ssh and logging in with their login/password combo.

Recently all accounts get told permission denied with the exception of root.

When a user tried to connect, the /var/log/messages is as follows below.

Any thoughts?

Bryan M


Sep 22 12:27:14 srv01 syslog-ng[3104]: last message repeated 2 times
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 fd=39 ACCEPT from IP=127.0.0.1:34277 (IP=0.0.0.0:389)
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=0 BIND dn="" method=128
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=0 RESULT tag=97 err=0 text=
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=1 SRCH base="ou=People,ou=Users,dc=companyName,dc=lan" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=myUserAcc))"
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=2 SRCH base="ou=Users,dc=companyName,dc=lan" scope=2 deref=0 filter="(&(objectClass=shadowAccount)(uid=myUserAcc))"
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=2 SRCH attr=uid userPassword shadowLastChange shadowMax shadowMin shadowWarning shadowInactive shadowExpire shadowFlag
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 22 12:27:49 srv01 slapd[3734]: conn=190 op=3 SRCH base="ou=Users,dc=companyName,dc=lan" scope=2 deref=0 filter="(&(objectClass=shadowAccount)(uid=myUserAcc))"
Sep 22 12:27:49 srv01 slapd[3734]: conn=190 op=3 SRCH attr=uid userPassword shadowLastChange shadowMax shadowMin shadowWarning shadowInactive shadowExpire shadowFlag
Sep 22 12:27:49 srv01 slapd[3734]: conn=190 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 22 12:27:49 srv01 sshd[7419]: Failed password for myUserAcc from ###.###.###.### port 2748 ssh2

> This was running fine until recently

[sorry, but i don’t see any hints in the messages…maybe someone else
can/will]

what about your server or anything in the entire system between your
user’s keyboard and the data on the server changed just prior to
that ‘until’ above?

what OS and version is running on the server? was it “recently”
patched/updated? can you go back to the previous setup (restore with
a pre-“recently” backup)?


platinum
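
Added example, not part of either post: a small Python correlator for the slapd and sshd lines in the excerpt above. For each failed ssh login it reports what the slapd connection that looked up that user did: whether only anonymous binds were seen, whether any bind followed the user lookup, whether userPassword was requested, and any non-zero LDAP result codes. The function name and summary keys are illustrative; the sample lines are copied from the posted log.

```python
import re

# Constructed sample: lines copied from the log excerpt in the first post.
SAMPLE = """\
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=0 BIND dn="" method=128
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=0 RESULT tag=97 err=0 text=
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=1 SRCH base="ou=People,ou=Users,dc=companyName,dc=lan" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=myUserAcc))"
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
Sep 22 12:27:47 srv01 slapd[3734]: conn=190 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 22 12:27:49 srv01 sshd[7419]: Failed password for myUserAcc from ###.###.###.### port 2748 ssh2
"""

SLAPD = re.compile(r"slapd\[\d+\]: conn=(\d+) op=\d+ (.*)")
SSHD_FAIL = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from")

def summarize(log_text):
    """One summary dict per (failed ssh user, slapd connection that searched for that uid)."""
    conns, failed = {}, []
    for line in log_text.splitlines():
        m = SLAPD.search(line)
        if m:
            c = conns.setdefault(m.group(1), {"binds": [], "bind_after_search": False,
                                              "uids": set(), "password_attr_requested": False,
                                              "ldap_errors": [], "entries": 0})
            body = m.group(2)
            if body.startswith("BIND ") and "method=" in body:  # method=128 is a simple bind; dn="" is anonymous
                c["binds"].append(re.search(r'dn="([^"]*)"', body).group(1))
                c["bind_after_search"] |= bool(c["uids"])  # a bind issued after the user lookup
            elif body.startswith("SRCH base="):
                c["uids"].update(re.findall(r"\(uid=([^)]+)\)", body))
            elif body.startswith("SRCH attr="):
                c["password_attr_requested"] |= "userPassword" in body[len("SRCH attr="):].split()
            elif "RESULT" in body:  # covers both bind (tag=97) and search (tag=101) results
                err = int(re.search(r"err=(\d+)", body).group(1))
                if err:
                    c["ldap_errors"].append(err)
                n = re.search(r"nentries=(\d+)", body)
                c["entries"] += int(n.group(1)) if n else 0
        elif (f := SSHD_FAIL.search(line)):
            failed.append(f.group(1))
    return [{"user": u, "conn": cid, "anonymous_only": not any(c["binds"]),
             **{k: c[k] for k in ("bind_after_search", "password_attr_requested",
                                  "ldap_errors", "entries")}}
            for u in failed for cid, c in conns.items() if u in c["uids"]]

if __name__ == "__main__":
    for row in summarize(SAMPLE):
        print(row)
```

On the posted lines this reports an anonymous-only connection, successful lookups with no LDAP errors, and no bind after the search; how to read that depends on the host's PAM and NSS configuration, which the thread does not show.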