We are moving from an NIS environment to an LDAP environment and having trouble authenticating to Kerio. Basically, here's the deal.
Previously, we had an environment with 3 servers (NIS primary, Samba and Kerio), all using NIS to keep their user info in sync. Kerio was set to authenticate via PAM which got it's information from the replicated NIS data. No problems.
Now, though, rather than using PAM to keep our user data in sync, we're using OpenLDAP. Everything's working except for the Kerio authentication. The users have the same usernames and can log onto (via SSH) the kerio server, so I'm pretty sure that PAM is working, but I can't log on as that same user to Kerio, even though Kerio is set to authenticate via PAM.
Any help would be greatly appreciated. In my mind, this should be pretty clear cut so I'm sure that I've just overlooked something stupid.
- User can ssh into box with credentials user / password
- Kerio mail server account for user is set to authenticate via Linux PAM
- User goes to webmail and tries to login with user / password (same as the one she successfully logged in via SSH) and it bombs. I'm tailing /var/log/messages and I see the entries below when I try to login:
Jun 3 18:43:44 mail keriomail(pam_unix): check pass; user unknown
Jun 3 18:43:44 mail keriomail(pam_unix): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
I have a few users set to authentiate to the internal database and they're able to login with no problems at all.
The box said "Requires Windows 98 or better", so I installed Linux
Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of