(Answer) (Category) OpenLDAP Faq-O-Matic : (Category) Trash : (Answer) Access Denied for this host
This error can occur when the entry "pam_check_host_attr" is set to yes in the ldap.conf file.

If you don't want per host access checking, just set "pam_check_host_attr" to no.

The obvious first thing to check is to make sure the user has the appropriate host entry in their LDAP entry.

Assuming that is correct, or the user has a host entry of "*" to allow them access to all servers, but you're still getting this error; it is very likely that your /etc/resolv.conf file is not correct. I spent way to much time trying to figure out why one out of 20ish servers was not working until I noticed DNS wasn't quite working right, I fixed that, and presto, the user was able to login as expected.
scott.l.miller@gmail.com
This error can occur when the entry "pam_check_host_attr" is set to yes in the ldap.conf file.
If you don't want per host access checking, just set "pam_check_host_attr" to no.
The obvious first thing to check is to make sure the user has the appropriate host entry in their LDAP entry.
Assuming that is correct, or the user has a host entry of "*" to allow them access to all servers, but you're still getting this error; it is very likely that your /etc/resolv.conf file is not correct. I spent way to much time trying to figure out why one out of 20ish servers was not working until I noticed DNS wasn't quite working right, I fixed that, and presto, the user was able to login as expected.
scott.l.miller@gmail.com
[Append to This Answer]
Previous: (Answer) Encrypted password for authentication
Next: (Answer) Access Denied from this host
This document is: http://www.openldap.org/faq/index.cgi?file=1446
[Search] [Appearance]
This is a Faq-O-Matic 2.721.test.
© Copyright 1998-2013, OpenLDAP Foundation, info@OpenLDAP.org