Solaris PAM Configuration Problems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello list-people!

Once again I'm not quite sure whether this is the right list to look for an answer,
but I'll bother you anyway ;-)

I have a problem, possibly PAM-related, with loggin in on my Solaris-server with
an LDAP-account. Local (Solaris), as well as NIS related accounts can log in without
any problem (using both console, as ssh).

The LDAP-configuration for nss_ldap (and probably pam_ldap as well) is OK, which
I have tested looking at files belonging to this LDAP-user. His name and group are displayed
properly, and are in LDAP only.

The message the Solaris server gives me when I try to log in as this particular user is:

Dec 17 16:44:58 moonie login: [ID 432192 auth.alert] User ldapuser needs Secure RPC credentials to login.

These "Secure RPC credentials" seem to be something particular for Solaris, and I think it's
checked using some pam-module. My (oh god, old, but I don't dare to change it) pam.conf
file is at the bottom of this text.

Anybody seen this before, and possibly capable of helping me out, please let me know and you
can expect my eternal appreciation!

Thanks in advance,

Maarten Buiter
Amsterdam, The Netherlands

--------------------------------------------------------------------------------------
#ident "@(#)pam.conf 1.19 95/11/30 SMI"
#
# PAM configuration
#
# Authentication management
#
login auth sufficient /usr/lib/security/$ISA/pam_unix.so.1
login auth required /usr/lib/security/$ISA/pam_ldap.so.1 try_first_pass
#
#rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
rlogin auth sufficient /usr/lib/security/$ISA/pam_unix.so.1
rlogin auth required /usr/lib/security/$ISA/pam_ldap.so.1 try_first_pass

# sshd Modules, using LDAP
sshd auth sufficient /usr/lib/security/$ISA/pam_unix.so.1
sshd auth required /usr/lib/security/$ISA/pam_ldap.so.1 try_first_pass

#
dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
#
rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1
other auth required /usr/lib/security/$ISA/pam_unix.so.1
#
# Account management
#
login account requisite /usr/lib/security/$ISA/pam_roles.so.1
login account required /usr/lib/security/$ISA/pam_projects.so.1
login account sufficient /usr/lib/security/$ISA/pam_unix.so.1
login account sufficient /usr/lib/security/$ISA/pam_ldap.so.1
dtlogin account requisite /usr/lib/security/$ISA/pam_roles.so.1
dtlogin account required /usr/lib/security/$ISA/pam_projects.so.1
dtlogin account required /usr/lib/security/$ISA/pam_unix.so.1
#
other account requisite /usr/lib/security/$ISA/pam_roles.so.1
other account required /usr/lib/security/$ISA/pam_projects.so.1
other account required /usr/lib/security/$ISA/pam_unix.so.1
#
# Session management
#
other session required /usr/lib/security/$ISA/pam_unix.so.1
#
# Password management
#
other password sufficient /usr/lib/security/$ISA/pam_unix.so.1
other password required /usr/lib/security/$ISA/pam_ldap.so.1
#dtsession auth required /usr/lib/security/$ISA/pam_unix.so.1
#rlogin auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#login auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#other auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#dtlogin account optional /usr/lib/security/$ISA/pam_krb5.so.1
#other account optional /usr/lib/security/$ISA/pam_krb5.so.1
#other session optional /usr/lib/security/$ISA/pam_krb5.so.1
#other password optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass






_______________________________________________

Pam-list@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux