Hello list-people!
Once again I'm not quite sure whether this is the right list to look for
an answer,
but I'll bother you anyway ;-)
I have a problem, possibly PAM-related, with loggin in on my
Solaris-server with
an LDAP-account. Local (Solaris), as well as NIS related accounts can
log in without
any problem (using both console, as ssh).
The LDAP-configuration for nss_ldap (and probably pam_ldap as well) is
OK, which
I have tested looking at files belonging to this LDAP-user. His name and
group are displayed
properly, and are in LDAP only.
The message the Solaris server gives me when I try to log in as this
particular user is:
Dec 17 16:44:58 moonie login: [ID 432192 auth.alert] User ldapuser needs
Secure RPC credentials to login.
These "Secure RPC credentials" seem to be something particular for
Solaris, and I think it's
checked using some pam-module. My (oh god, old, but I don't dare to
change it) pam.conf
file is at the bottom of this text.
Anybody seen this before, and possibly capable of helping me out, please
let me know and you
can expect my eternal appreciation!
Thanks in advance,
Maarten Buiter
Amsterdam, The Netherlands
--------------------------------------------------------------------------------------
#ident "@(#)pam.conf 1.19 95/11/30 SMI"
#
# PAM configuration
#
# Authentication management
#
login auth sufficient /usr/lib/security/$ISA/pam_unix.so.1
login auth required /usr/lib/security/$ISA/pam_ldap.so.1 try_first_pass
#
#rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
rlogin auth sufficient /usr/lib/security/$ISA/pam_unix.so.1
rlogin auth required /usr/lib/security/$ISA/pam_ldap.so.1 try_first_pass
# sshd Modules, using LDAP
sshd auth sufficient /usr/lib/security/$ISA/pam_unix.so.1
sshd auth required /usr/lib/security/$ISA/pam_ldap.so.1 try_first_pass
#
dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
#
rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1
other auth required /usr/lib/security/$ISA/pam_unix.so.1
#
# Account management
#
login account requisite /usr/lib/security/$ISA/pam_roles.so.1
login account required /usr/lib/security/$ISA/pam_projects.so.1
login account sufficient /usr/lib/security/$ISA/pam_unix.so.1
login account sufficient /usr/lib/security/$ISA/pam_ldap.so.1
dtlogin account requisite /usr/lib/security/$ISA/pam_roles.so.1
dtlogin account required /usr/lib/security/$ISA/pam_projects.so.1
dtlogin account required /usr/lib/security/$ISA/pam_unix.so.1
#
other account requisite /usr/lib/security/$ISA/pam_roles.so.1
other account required /usr/lib/security/$ISA/pam_projects.so.1
other account required /usr/lib/security/$ISA/pam_unix.so.1
#
# Session management
#
other session required /usr/lib/security/$ISA/pam_unix.so.1
#
# Password management
#
other password sufficient /usr/lib/security/$ISA/pam_unix.so.1
other password required /usr/lib/security/$ISA/pam_ldap.so.1
#dtsession auth required /usr/lib/security/$ISA/pam_unix.so.1
#rlogin auth optional /usr/lib/security/$ISA/pam_krb5.so.1
try_first_pass
#login auth optional /usr/lib/security/$ISA/pam_krb5.so.1
try_first_pass
#other auth optional /usr/lib/security/$ISA/pam_krb5.so.1
try_first_pass
#dtlogin account optional /usr/lib/security/$ISA/pam_krb5.so.1
#other account optional /usr/lib/security/$ISA/pam_krb5.so.1
#other session optional /usr/lib/security/$ISA/pam_krb5.so.1
#other password optional
/usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
_______________________________________________
Pam-list@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list
