Immediate logout after login


I think I have finally found the reason for this problem: after logging in, the system gives the user a non-existent shell: /sbin/nologin. After adding this line:

map     passwd loginShell       "/bin/bash"

to /etc/nslcd.conf, everything became OK.
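The check behind the answer above, as an added example that is not part of the original post: a shell function that takes one passwd-format line (for example the output of `getent passwd <user>`) and reports whether its login shell would end the session immediately. The function name `check_login_shell` and the sample accounts are hypothetical.

```shell
#!/bin/sh
# Added example: classify the login shell in a passwd(5)-format line.
# On a live host: check_login_shell "$(getent passwd someuser)"
# check_login_shell and the sample accounts below are hypothetical.

check_login_shell() {
    entry=$1
    shells_file=${2:-/etc/shells}

    # No entry at all means NSS (files, LDAP, ...) does not know the user.
    if [ -z "$entry" ]; then
        echo "noentry"; return 4
    fi

    # Field 7 of a passwd entry is the login shell.
    shell=$(printf '%s\n' "$entry" | cut -d: -f7)
    # passwd(5): an empty shell field means /bin/sh.
    [ -n "$shell" ] || shell=/bin/sh

    # Shells that end the session at once by design.
    case ${shell##*/} in
        nologin|false) echo "nologin $shell"; return 1 ;;
    esac

    # A path that is not an executable file cannot be started at login.
    if [ ! -x "$shell" ] || [ -d "$shell" ]; then
        echo "missing $shell"; return 2
    fi

    # pam_shells and some daemons refuse shells not listed in /etc/shells.
    if [ -r "$shells_file" ] && ! grep -qxF -- "$shell" "$shells_file"; then
        echo "unlisted $shell"; return 3
    fi

    echo "ok $shell"
}

# Constructed sample entries (not taken from the host in the question).
for e in 'alice:x:1001:1001::/home/alice:/sbin/nologin' \
         'bob:x:1002:1002::/home/bob:/bin/sh'; do
    check_login_shell "$e" || true
done
```

The `map passwd loginShell "/bin/bash"` line applies to every account nslcd serves, so accounts whose directory entry sets a nologin shell deliberately also receive /bin/bash.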


Author: toshyak

Updated on September 18, 2022

Comments

  • toshyak
    toshyak over 1 year

    I have copied a VM with Red Hat 6.4 in VMware vSphere Client, moved it to another network and changed the configs for connecting to the LDAP servers. And now I have a problem with the login procedure through LDAP. When I try to log in either locally or via ssh, the system immediately logs me out. These are the messages in /var/log/secure when I try to connect via ssh:

    Feb 17 13:41:57 %hostname% sshd[1452]: Accepted password for %user_name% from 10.84.176.248 port 30104 ssh2
    Feb 17 13:41:57 %hostname% sshd[1452]: pam_unix(sshd:session): session opened for user %user_name% by (uid=0)
    Feb 17 13:41:57 %hostname% sshd[1452]: pam_unix(sshd:session): session closed for user %user_name%
    

    So, I know that my system can connect to LDAP (the command id %username% returns a valid answer) and uses PAM for login. Here is my /etc/pam.d/system-auth:

    auth        required      pam_env.so
    auth        sufficient    pam_unix.so nullok try_first_pass
    auth        requisite     pam_succeed_if.so uid >= 500 quiet
    auth        required      pam_deny.so
    
    account     required      pam_unix.so
    account     sufficient    pam_localuser.so
    account     required      pam_permit.so
    account     required      pam_access.so
    
    password    requisite     pam_cracklib.so try_first_pass retry=3 type=
    password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok
    password    required      pam_deny.so
    
    session     optional      pam_keyinit.so revoke
    session     required      pam_limits.so
    session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
    session     required      pam_unix.so
    session     optional      pam_mkhomedir.so
    

    I think that I successfully pass through PAM authorisation, because the very last instruction was executed (the home directory was created). So I think something else is logging me out.

    I checked /etc/passwd file and it looks fine to me:

    nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
    nslcd:x:65:55:LDAP Client User:/:/sbin/nologin
    

    Also, there are no auth restrictions in /etc/security/limits.conf.

    Any advice would be appreciated. Thank you!

    P.S. I have no access to my old VM and cannot check whether it is possible to log in there.

    • Jason Zhu
      Jason Zhu over 10 years
      My guess is that you switched networks without updating your /etc/hosts.allow
    • toshyak
      toshyak about 10 years
      @JasonZhu No, hosts.allow and hosts.deny are both empty. I'm pretty sure that it is not a network problem.
    • Admin
      Admin about 10 years
      My first step when troubleshooting LDAP auth is to validate time sync. Check that ntpd is running and you're showing a reasonable "date" response. I doubt that's the problem, but it's good to rule it out.
    • toshyak
      toshyak about 10 years
      @sallie yes, you are right, there were some problems with time sync, but now I have fixed them and nothing has changed; I still get this problem.