Olá, pessoal.

Estou com dificuldades para fazer um Debian Lenny 32 bits autenticar na base LDAP de outro servidor Debian Lenny 32 bits. Já tentei várias configurações, mas ainda não está OK. Eu consigo listar os usuários e grupos da base LDAP sem problemas, tanto no servidor LDAP quanto no cliente LDAP. Porém, quando eu tento fazer login na base LDAP, não rola... dá senha incorreta... e os logs não apresentam nenhum erro. Abaixo estou postando as minhas configurações. Se alguém puder me ajudar, eu agradeço.


SERVIDOR LDAP: IP 192.168.50.64

/etc/pam_ldap.conf

# pam_ldap settings on the LDAP server itself; it reaches the local slapd over loopback.
base dc=adlab,dc=local
# ldap:// is an unencrypted connection; with 127.0.0.1 the traffic stays on this host.
uri ldap://127.0.0.1
ldap_version 3
# DN that pam_ldap binds as when the calling process runs as root.
# On Debian its password is read from /etc/pam_ldap.secret (root-owned, mode 600).
# NOTE(review): that file is not shown in this post; a missing or wrong secret is
# worth ruling out, because the bind made for root-run services would be rejected.
rootbinddn cn=admin,dc=adlab,dc=local


/etc/libnss-ldap.conf

# nss_ldap settings on the server: where user and group lookups are sent.
# No binddn is set here, so lookups are presumably anonymous and rely on the
# "by * read" rule in slapd.conf -- confirm.
base dc=adlab,dc=local
uri ldap://127.0.0.1
ldap_version 3


/etc/nsswitch.conf

# Name-service order: local files are consulted first, then LDAP.
# These entries only resolve names and IDs (what getent lists). Verifying a
# password is done by PAM, so working listings do not prove the login path works.
passwd: files ldap
group: files ldap
shadow: files ldap
# ldap is also listed as the last source for host names.
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 ldap
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis


/etc/ldap/slapd.conf

# slapd configuration for the dc=adlab,dc=local directory (BDB backend).
# nis.schema provides the posixAccount/shadowAccount classes used for Unix logins.
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
# "loglevel none" keeps slapd from logging individual operations, which matches
# the report of no errors in the logs. Raising it temporarily (for example
# "loglevel stats") records each BIND request and its result code.
loglevel none
modulepath /usr/lib/ldap
moduleload back_bdb
# Maximum number of entries returned by a single search.
sizelimit 500
tool-threads 1
backend bdb
database bdb
suffix "dc=adlab,dc=local"
directory "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
# Indexes for the attributes that account and group lookups filter on.
index objectClass eq
index ou,cn,sn,mail,givenname eq,pres,sub
index uidNumber,gidNumber,memberUid eq,pres
index loginShell eq,pres
lastmod on
checkpoint 512 30
# ACL for the password attributes: the admin DN may write them, anonymous clients
# may only use them to authenticate (bind), each user may change their own entry's
# values, and everyone else gets no access.
# NOTE(review): slapd.conf expects the "by" clauses to be continuation lines
# (starting with whitespace); the indentation appears to have been lost in this
# paste -- confirm against the real file.
access to attrs=userPassword,shadowLastChange
by dn="cn=admin,dc=adlab,dc=local" write
by anonymous auth
by self write
by * none
# The root DSE is readable by everyone.
access to dn.base="" by * read
# Everything else: the admin DN may write; any client, including anonymous ones,
# may read all remaining attributes of every entry.
access to *
by dn="cn=admin,dc=adlab,dc=local" write
by * read


/etc/pam.d/common-account

# Account checks: try the local account first, then LDAP.
# success=N skips the next N lines, so a success from either module jumps over
# pam_deny and lands on pam_permit; if both are ignored, pam_deny rejects.
account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
account [success=1 default=ignore] pam_ldap.so
account requisite pam_deny.so
account required pam_permit.so



/etc/pam.d/common-auth

# Authentication: the local password database is tried first, then LDAP.
# success=N skips the next N lines, so a success from either module jumps over
# pam_deny and lands on pam_permit; if both fail, pam_deny rejects the login.
auth [success=2 default=ignore] pam_unix.so nullok_secure
# use_first_pass: pam_ldap reuses the password already collected by pam_unix
# and never prompts for one itself.
auth [success=1 default=ignore] pam_ldap.so use_first_pass
auth requisite pam_deny.so
auth required pam_permit.so


/etc/pam.d/common-session

# Session setup. default=1 makes the first pam_permit always skip the following
# pam_deny line, so the stack continues with the modules below it.
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session required pam_unix.so
# optional: a failure in pam_ldap here does not fail the session.
session optional pam_ldap.so


/etc/pam.d/common-password

# Password changes: local accounts via pam_unix, directory accounts via pam_ldap.
# "md5" stores local password hashes as MD5-crypt, which is weak against offline
# cracking; where the installed pam_unix supports it, sha512 is the stronger choice.
password [success=2 default=ignore] pam_unix.so obscure md5
# user_unknown=ignore lets accounts that are not in LDAP fall through;
# any other failure from pam_ldap aborts the stack (default=die).
password [success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass
password requisite pam_deny.so
password required pam_permit.so


##############################################################################################################################################################



CLIENTE LDAP - 192.168.50.63

/etc/pam_ldap.conf

# pam_ldap settings on the client, pointing at the LDAP server.
base dc=adlab,dc=local
# ldap:// carries the simple bind, and therefore the user's password, unencrypted
# across the network. Enabling TLS (for example "ssl start_tls" here, with a
# certificate configured in slapd) protects it.
uri ldap://192.168.50.64
ldap_version 3
# Binding as the directory admin from a client means the admin password has to be
# stored on that client (on Debian in /etc/pam_ldap.secret). Users authenticate by
# binding as themselves, so a client normally does not need this; consider
# removing it or using a low-privilege DN instead.
# NOTE(review): the post lists no /etc/pam.d files for the client; confirm that
# the client's own PAM stack actually includes pam_ldap.
rootbinddn cn=admin,dc=adlab,dc=local


/etc/libnss-ldap.conf

# nss_ldap settings on the client: user and group lookups go to the LDAP server.
# No binddn is set here, so lookups are presumably anonymous -- confirm.
base dc=adlab,dc=local
# Unencrypted ldap:// across the network; see the TLS options of nss_ldap.
uri ldap://192.168.50.64
ldap_version 3


/etc/nsswitch.conf

# Name-service order on the client: local files first, then LDAP.
# This is what makes directory users and groups resolvable on the client; it does
# not authenticate anyone -- that is the job of the PAM configuration.
passwd: files ldap
group: files ldap
shadow: files ldap
# ldap is also listed as the last source for host names.
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 ldap
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis