From: David S. <ope...@to...> - 2011-05-11 15:13:46
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/05/11 16:59, Ralf Hildebrandt wrote: > * David Sommerseth <ope...@to...>: > >>> That's a client log. Diggign a bit deeper on the server I found that >>> the PAM setting for that user were b0rked. I fixed that and now I'm >>> waiting for him to retry >> >> Interesting ... if you can elaborate more about the PAM setup, > > I'm using pam_per_user to branch out the authorisation against: > kerberos > ldap > and pam_imap Nice. Which OpenVPN implementation for PAM auth do you use? > In my case the user had pam_imap (for the old mailserver), but his > accdount had been migrated to exchange (kerberos), so I saw quite a > lot of errors in the server log. > > USUALLY I expected to see a simple AUTH FAILED. Yeah. If you're using the auth-pam.so module shipped with OpenVPN, I will look into it to see if there's a bug here. But then I need to know what exactly failed. But looking forward to hear when your user connects again. kind regards, David Sommerseth -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk3Kp9EACgkQDC186MBRfrrMHACdEHbS1e/lLNxf3MdaHO30QdDe nm8An1F3cDsLHTj5vfHqE1hiBktJBN0U =c1mT -----END PGP SIGNATURE----- |