maria-discuss team mailing list archive

Thread
Date

OpenLDAP & PAM authentication

To: Maria-discuss@xxxxxxxxxxxxxxxxxxx
From: Adam Balgach <adam.balgach@xxxxxxxxx>
Date: Fri, 19 Jan 2018 14:40:28 +0000

Hello –



I am having an issue configuring openLDAP to authenticate users on an
instance in RHEL (CentOS 7)



MariaDB server

configured with plugin-load=auth_pam.so

in my /etc/pam.d/mysql:
auth required pam_ldap.so
account required pam_ldap.so

when I try and access the server from either the localhost, or any server
inside my internal network, I see the LDAP authentication happen without
issue and login is fine.

When I try and access the server from outside the network, on the mariadb
server in /var/log/secure I see the following:

Jan 19 08:32:35 mysqld: pam_ldap(mysql:auth): unexpected response from
failed conversation function

Jan 19 08:32:35 mysqld: pam_ldap(mysql:auth): conversation failed

Jan 19 08:32:35 mysqld: pam_ldap(mysql:auth): failed to get password:
Authentication token manipulation error


And in my client (Cygwin) I get the following error:


ERROR 2059 (HY000): Authentication plugin 'mysql_clear_password' cannot be
loaded: No such file or directory


However I see this plugin in the /usr/lib64/mysql/plugin directory


Any idea what is going wrong with remote logins? Thanks-

Follow ups

Re: OpenLDAP & PAM authentication
From: Sergei Golubchik, 2018-01-19