On 11-06-09 6:14 PM, Stephen John Smoogen wrote:
> On Thu, Jun 9, 2011 at 20:50, Chris Tooley<[log in to unmask]>  wrote:
>> Hello everyone!
>>
>> OK still trying to get graphical login working with SSSD + GDM, so here's
>> more information about my system setup, with which I cannot login using an
>> LDAP account through GDM.
>>
>>         * I am using 6rolling
>>         * I am using base 6rolling install - nothing customized.
>>         * I am using SSSD (sssd-1.5.1-34.el6.x86_64) with LDAP for
>> authentication and identification purposes.
>>         * I can log in as root
>>         * I can log in as a local user, created by root
>>         * Both the local user and root can log in using GDM (root, after
>> editing pam.d/gdm)
>>         * I can log in with an LDAP account using SSH.
>>         * I can log in with an LDAP account into a terminal on the computer
>
> How does the LDAP bind, and can you try not using sssd to see if it is
> that which is cachig a bad answer?
> I am going to say that I don't think this is GDM as much as pam
> getting a DO NOT GO PAST GO somewhere. I would try putting debug
> statements in /etc/pam.d/system-auth


I checked, and system-auth (part of what gdm uses) and password-auth 
(part of what sshd uses) are exactly the same. I would expect the 
problem to exist somewhere in gdm's authentication, but there are no 
useful (to me) messages spit out by GDM when I enable gdm debugging.

So far I have not been able to get debugging enabled for PAM. Has anyone 
done that before?

-Chris