Running Ubuntu 14.0.4.1 on a BananaPi (ARM). I've had a lot of luck getting LDAP authentication to work under 14.0.4 on x86, but something about this just isn't working.
If you run getent passwd | cut -d: -f1 | sort
I get all my local unix users, but no accounts from LDAP. Conversely, running that command on one of my x86 boxen works just fine. It's like it doesn't even consider going to LDAP.
If you try and su to an LDAP user, it fails with the following in /var/log/auth.log:
Nov 19 12:09:18 BananaPi sudo: jonathanfisher : TTY=pts/0 ; PWD=/home/jonathanfisher ; USER=root ; COMMAND=/bin/su - jonathan.fisher
Nov 19 12:09:18 BananaPi sudo: pam_unix(sudo:session): session opened for user root by jonathanfisher(uid=0)
Nov 19 12:09:18 BananaPi su[627]: No passwd entry for user 'jonathan.fisher'
Nov 19 12:09:18 BananaPi su[627]: FAILED su for jonathan.fisher by root
Nov 19 12:09:18 BananaPi su[627]: - /dev/pts/0 root:jonathan.fisher
Nov 19 12:09:18 BananaPi sudo: pam_unix(sudo:session): session closed for user root
Here's my /etc/nsswitch.conf file:
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis ldap
Any help or hints are appreciated... ESPECIALLY if anyone knows how to turn on more debug logging for the authentication stack. THANK YOU!
EDIT
So I figured at least one thing out: this is something wrong with lib_pam.so itself, not the nsswitch.conf file. I did an experiment with /etc/nsswitch.conf: modified it so it had ldap only. The boot failed of course, but it proves that the system is actually reading the file.
Again, if anyone knows how to turn on debug logging in the pam stack, that'd be fricken super.
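
One check relevant to the symptom above, as an added example that is not part of the original post: glibc maps each source named in nsswitch.conf to a shared object called libnss_<source>.so.2, and a source whose module cannot be loaded is treated as unavailable, so lookup moves on to the next source without an error. The script parses the file and reports sources with no module on disk; the library directory patterns are an assumption about a Debian/Ubuntu multiarch layout.

```python
"""Report NSS sources in nsswitch.conf that have no libnss_<source>.so.2 on disk."""
import glob
import os
import re

# Assumed search locations (Debian/Ubuntu multiarch layout, e.g.
# /lib/arm-linux-gnueabihf on ARM or /lib/x86_64-linux-gnu on x86).
DEFAULT_LIB_DIRS = ("/lib", "/usr/lib", "/lib/*-linux-gnu*", "/usr/lib/*-linux-gnu*")

# Action items such as [NOTFOUND=return] are not sources and may contain spaces.
ACTION = re.compile(r"\[[^\]]*\]")


def parse_nsswitch(text):
    """Return {database: [source, ...]} with comments and action items dropped."""
    databases = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0]
        if ":" not in line:
            continue
        name, spec = line.split(":", 1)
        databases[name.strip()] = ACTION.sub(" ", spec).split()
    return databases


def find_module(source, lib_dirs=DEFAULT_LIB_DIRS):
    """Return the path of libnss_<source>.so.2, or None if it is not installed."""
    for pattern in lib_dirs:
        for directory in sorted(glob.glob(pattern)):
            path = os.path.join(directory, "libnss_%s.so.2" % source)
            if os.path.exists(path):
                return path
    return None


def missing_modules(text, lib_dirs=DEFAULT_LIB_DIRS):
    """Return {source: [databases using it]} for sources with no module found."""
    missing = {}
    for database, sources in parse_nsswitch(text).items():
        for source in sources:
            if find_module(source, lib_dirs) is None:
                missing.setdefault(source, []).append(database)
    return missing


if __name__ == "__main__":
    with open("/etc/nsswitch.conf") as fh:
        for source, dbs in sorted(missing_modules(fh.read()).items()):
            print("no libnss_%s.so.2 found; used by: %s" % (source, ", ".join(dbs)))
```

A module that is present can still fail to load (wrong architecture, unresolved dependencies), so an empty report only rules out the missing-file case.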