On Thu, 2007-01-04 at 13:38 -0700, Brian Kosick wrote: > > > Dang I smoke some good crack. I figured it out. I had accidentally? > > > installed the mod_auth_pam rpm, I rpm -e 'd it, and restarted httpd, and > > > it works like I want it to. > > > > > > It looks like the mod_auth_pam rpm forces the ldap queries to go through > > > system pam which was enforcing my pam_check_host_attr setting. > > > > mod_auth_pam should follow the directives in /etc/pam.d/http which > > doesn't necessarily have to include the same things as other services. > > > > Thanks, for the tip, I'll look into it, however, since I don't need/use > it for anything at the moment, it's going to go on my back burner.... The place it is great is where you want to provide web access to a set of people who already have passwords elsewhere like a windows domain plus some local users, and ldap should work the same way. You can skip the need for any account info with a line like: account required pam_permit.so if all you want is a password check. -- Les Mikesell lesmikesell at gmail.com
