Re: PAM + LDAP passwd changes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I've seen little differences with my own config, I'm not a expert in pam
module but my config is working fine with thoses settings don't ask me
exactly why:


auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/pam_ldap.so use_first_pass
auth        required      /lib/security/pam_deny.so

password    required      /lib/security/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
shadow
password    sufficient    /lib/security/pam_ldap.so use_authtok
password    required      /lib/security/pam_deny.so



----- Original Message -----
From: "Maarten Buiter" <maarten@fredhopper.com>
To: <pam-list@redhat.com>
Sent: Thursday, October 24, 2002 3:02 PM
Subject: PAM + LDAP passwd changes


> Hello,
>
> When I, as root, change the password of another user in the /etc/passwd
> file like
>
> [root@star /]#passwd anotheruser
>
> the password program immediately allows me to enter a new password.
>
> Now, I have this user in an LDAP-based directory. As root, I can modify
his
> password, but the passwd-program first asks me to enter this user's
current
> (LDAP) password before it lets me make any changes, which is very
> unpleasant
> in the case of somebody forgetting his/her password.
>
> Does anybody know how I should modify the /etc/pam.d/passwd file to
overcome
> this unwanted situation? The current contents are displayed at the
> bottom of this message.
>
> Thanks in advance
>
> Maarten Buiter
>
> #%PAM-1.0
> auth       sufficient   /lib/security/pam_ldap.so
> auth       required     /lib/security/pam_unix_auth.so use_first_pass
>
> account    sufficient   /lib/security/pam_ldap.so
> account    required     /lib/security/pam_unix_acct.so
>
> password   required     /lib/security/pam_cracklib.so retry=3
> password   sufficient   /lib/security/pam_ldap.so
> password   required     /lib/security/pam_pwdb.so try_first_pass
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> 
> Pam-list@redhat.com
> https://listman.redhat.com/mailman/listinfo/pam-list
>




_______________________________________________

Pam-list@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list
[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux