Steve Hopps wrote:
I'll post the full log. It should be pulling from OpenLDAP. I had to censor the log in a few places, including the IP of the system I'm using to test, which I changed to 6.6.6.6
And please check Phil's comment. It is *still* showing this: [pap] Using CRYPT password "*" THAT is the problem. "*" isn't a valid Crypt'd password. It's there because it's being read from /etc/passwd by the "unix" module. The "unix" module is doing that because your configuration is left over from an older version. This was changed in 2.1.10. From the ChangeLog: * No longer look users up in /etc/passwd in the default configuration. This can be reverted by enabling "unix" in the "authorize" section. In addition, the debug output *clearly* shows it's not getting anything from LDAP: [ldap] looking for check items in directory... [ldap] looking for reply items in directory... [ldap] user test authorized to use remote access i.e. it found nothing. If you want it to read LDAP, then: a) delete the "unix" module from the "authorize" section b) don't test with a user who's in /etc/passwd c) ensure that the user exists in LDAP. Alan DeKok.