# LDAP Authentication



## lucas1 (Apr 20, 2021)

Good day.

Configured mostly from here https://docs.freebsd.org/en/articles/ldap-auth/article.html for sshd.
Through security/pam_ldap and net/nss_ldap.  (not through sssd)


Now when you type username@domain.com and password in console in /var/log/debug.log:

```
sshd[7627]: in pam_get_user(): entering
 sshd[7627]: in pam_get_item(): entering: PAM_USER
 sshd[7627]: in pam_get_item(): returning PAM_SUCCESS
sshd[7627]: in pam_get_user(): returning PAM_SUCCESS
 sshd[7627]: in pam_get_data(): entering: 'PADL-LDAP-SESSION-DATA'
 sshd[7627]: in pam_get_data(): returning PAM_NO_MODULE_DATA
 sshd[7627]: in pam_set_data(): entering: 'PADL-LDAP-SESSION-DATA'
 sshd[7627]: in pam_set_data(): returning PAM_SUCCESS
 sshd[7627]: in pam_get_item(): entering: PAM_AUTHTOK
 sshd[7627]: in pam_get_item(): returning PAM_SUCCESS
 sshd[7627]: in pam_get_item(): entering: PAM_CONV
 sshd[7627]: in pam_get_item(): returning PAM_SUCCESS
 sshd[7627]: in pam_set_item(): entering: PAM_AUTHTOK
 sshd[7627]: in pam_set_item(): returning PAM_SUCCESS
 sshd[7627]: in pam_get_item(): entering: PAM_AUTHTOK
 sshd[7627]: in pam_get_item(): returning PAM_SUCCESS
 sshd[7627]: in openpam_dispatch(): /usr/local/lib/pam_ldap.so: pam_sm_authenticate(): Unknown user
```
and /var/log/auth.log

```
sshd[7627]: Failed password
```
But password correct.

What do you advise ?


----------



## SirDice (Apr 20, 2021)

Enter the username without the @domain.com part. Your uid in LDAP is set to the username only.


----------



## lucas1 (Apr 22, 2021)

In general, I decided to use pam_winbind for Windows domain  authentication on domain controlers.
Samba doing great. 
And with  authentication for lightdm also.


----------

