Hello Jon,

if I start my ldap server in debug mode I can see
that it answers on port 389 and also - the other case -
on port 636.
There is nothing wrong in the debug output from the server.
On the other hand I found that a downgrade to nss_ldap-253-5
should solve the problem. This is also not true or only a
part of the game.
In the case I try to login on console (ldaps configured)
I get as root:
pam_unix(login:session): session opened for user root
ROOT LOGIN ON tty1
pam_unix(login:session): session closed for user root

and for other users:
pam_console(login:session): handler '/sbin/pam_console_apply'
caught a signal 13

This is already posted in many sites.

So I believe this is not a configuration problem, this is a
bug in the nss/pam version that is used in SL-5.2.

My next step is a full nss/pam downgrade to the SL-5.1 versions.

 Regards, Olf

> 
> The case I was thinking of was that in the changelog of nss_ldap it 
> mentioned that 'port' in the ldap.conf was previously being ignored, so a 
> config mentioning it might work and then stop after the upgrade (from 5.1 
> to 5.2 say).
> 
> If you don't have port mentioned then it seems unlikely that is the issue.
> 
> Can you tell if the client is actually trying to connect to the ldap 
> server - and if so check that it is doing so on the right address/port?
> 
>   -- Jon
> 

----------------------------------------------------------
Olf Epler                          phone: +49 30 2093-7804
Humboldt University Berlin           fax: +49 30 2093-7642
Department of Physics
Newtonstr. 15
12489 Berlin              email: [log in to unmask]
----------------------------------------------------------