/etc/pam.conf as requested, note that the sshd entries are commented out, I have tried infinite permutations of this file.... ---------------------- # #ident "@(#)pam.conf 1.16 01/01/24 SMI" # # Copyright (c) 1996-2000 by Sun Microsystems, Inc. # All rights reserved. # # PAM configuration # # Authentication management # login auth required /usr/lib/security/$ISA/pam_unix.so.1 login auth required /usr/lib/security/$ISA/pam_dial_auth.so.1 # rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1 rlogin auth required /usr/lib/security/$ISA/pam_unix.so.1 # dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1 # rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1 other auth sufficient /usr/lib/security/$ISA/pam_ldap.so.1 other auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass # # Account management # login account requisite /usr/lib/security/$ISA/pam_roles.so.1 login account required /usr/lib/security/$ISA/pam_projects.so.1 login account required /usr/lib/security/$ISA/pam_unix.so.1 # dtlogin account requisite /usr/lib/security/$ISA/pam_roles.so.1 login account required /usr/lib/security/$ISA/pam_projects.so.1 login account required /usr/lib/security/$ISA/pam_unix.so.1 # dtlogin account requisite /usr/lib/security/$ISA/pam_roles.so.1 dtlogin account required /usr/lib/security/$ISA/pam_projects.so.1 dtlogin account required /usr/lib/security/$ISA/pam_unix.so.1 # other account sufficient /usr/lib/security/$ISA/pam_ldap.so.1 other account requisite /usr/lib/security/$ISA/pam_roles.so.1 other account required /usr/lib/security/$ISA/pam_projects.so.1 other account required /usr/lib/security/$ISA/pam_unix.so.1 # # Session management # other session required /usr/lib/security/$ISA/pam_unix.so.1 # # Password management # other password sufficient /usr/lib/security/$ISA/pam_ldap.so.1 other password required /usr/lib/security/$ISA/pam_unix.so.1 use_first_pass dtsession auth required /usr/lib/security/$ISA/pam_unix.so.1 # # Support for Kerberos V5 authentication (uncomment to use Kerberos) # #rlogin auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass #login auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass #dtlogin auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass #other auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass #dtlogin account optional /usr/lib/security/$ISA/pam_krb5.so.1 #other account optional /usr/lib/security/$ISA/pam_krb5.so.1 #other session optional /usr/lib/security/$ISA/pam_krb5.so.1 #other password optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass # # Support for Solaris PPP (sppp) ppp auth required /usr/lib/security/$ISA/pam_unix.so.1 ppp auth required /usr/lib/security/$ISA/pam_dial_auth.so.1 ppp account requisite /usr/lib/security/$ISA/pam_roles.so.1 ppp account required /usr/lib/security/$ISA/pam_projects.so.1 ppp account required /usr/lib/security/$ISA/pam_unix.so.1 ppp session required /usr/lib/security/$ISA/pam_unix.so.1 # # Support for Openssh with DOL-specific PAM #sshd auth sufficient /usr/lib/security/$ISA/pam_ldap.so.1 #sshd auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass #sshd account sufficient /usr/lib/security/$ISA/pam_unix.so.1 #sshd account required /usr/lib/security/$ISA/pam_pg_lease.so.1 #sshd session required /usr/lib/security/$ISA/pam_unix.so.1 #sshd password sufficient /usr/lib/security/$ISA/pam_ldap.so.1 #sshd password required /usr/lib/security/$ISA/pam_unix.so.1 use_first_pass ------------------------------------ /usr/lib/security/pam_ldap.so.1 is the newly compiled padl binary (pam_ldap-140). Thanks for looking at the problem. On Fri, 2002-03-15 at 15:28, dweise wrote: > hi, > dump your pam.conf. for us. > > --dave > At 02:25 PM 3/15/2002 -0700, you wrote: > >I am unable to get pam_ldap and OpenSSH working on Solaris 8. > > > >Here's the situation: > >1. nss_ldap works fine (verified with id, etc.) > >2. telnet works for an LDAP user. > >3. OpenSSH v3.1p1 compiled '--with-pam' > >4. OpenSSL v0.9.6c > > > >I get the following in /var/adm/messages when attempting to login via > >SSH: > >[ID 487707 auth.error] load_modules: can not open module > >/usr/lib/security/pam_ldap.so.1 > > > >I have tried compiling pam_ldap against different versions of openldap > >(1.2.11 and 2.0.7). > > > >ldd against pam_ldap.so.1 returns all valid libraries... everything > >looks fine. Quite confusing. > > > >If anyone can help, I'll buy you beer (or pizza, or whatever!) > > > >-- > >Blake Barnett (bdb) <blake.barnett@developonline.com> > >Sr. Unix Administrator > >DevelopOnline.com office: 480-377-6816 > > > >Learning is a skill, you get better at it with practice. > > > > > > > >_______________________________________________ > > > >Pam-list@redhat.com > >https://listman.redhat.com/mailman/listinfo/pam-list > > > > > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list -- Blake Barnett (bdb) <blake.barnett@developonline.com> Sr. Unix Administrator DevelopOnline.com office: 480-377-6816 Learning is a skill, you get better at it with practice.
