[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google
  Web www.spinics.net

RE: Authentication problems with ldap



This works for my environment:
 
auth       required     pam_env.so
auth       sufficient   pam_unix.so audit
auth       sufficient   pam_ldap.so use_first_pass
# pam_ldap acct verifies host in ldap user's ACL and returns IGNORE if non-ldap.
# pam_unix acct succeeds w/o checking ACL if put 1st as pam_ldap auth would
#          have already retrieved user's passwd and shadow info.
account    required     pam_ldap.so ignore_unknown_user ignore_authinfo_unavail
account    required     pam_tally.so deny=3 no_magic_root reset
account    sufficient   pam_unix.so audit
password   requisite    pam_cracklib.so retry=3 minlen=14 lcredit=-2 ocredit=-2 ucredit=-2 dcredit=-2
password   sufficient   pam_ldap.so use_authtok
password   sufficient   pam_unix.so use_authtok shadow md5 audit
# pam_ldap session, pam_sm_open_session(), closes any remaining ldap connection.
session    required     pam_limits.so
session    required     pam_mkhomedir.so skel=/etc/skel umask=0022
session    required     pam_unix.so audit
session    required     pam_ldap.so
Kevin

From: Lynn York
Sent: Mon 9/22/2008 11:02 AM
To: Pluggable Authentication Modules
Subject: RE: Authentication problems with ldap

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

Add to Google Powered by Linux