RE: Ldap


 



there's a way around that problem:

http://www.openldap.org/lists/openldap-software/200010/msg00097.html

which is why I had wondered how some other pam files should be set up, like 
samba.  Did you see the pam examples in the nss-ldap package?


On Mon, 24 Feb 2003, sentinel wrote:

> Everything else?  You mean besides ssh?  Well..  I'm definitely not an
> expert in PAM nor Ldap.  I've been working hard core with it the last month
> and learned a great deal (we're implementing ldap for single source sign
> on).  We plan on using it for much more including Apache authentication,
> address book management and so on.  Other services such as login seem to
> work fine with ldap set up this way.  I haven't tried many beyond login, ssh
> and apache (with ldap authentication).
> 
> Something I'm unhappy about ldap and authentication is a lack of
> flexibility.  When ldap is unavailable then local files are not queried. 
> It's really weird.  I have my nsswitch.conf set up to check local files first
> then ldap.  You would think I can still login with local user accounts
> regardless of my ldap status.  Nope.  Someone in the redhat list mentioned
> it was a bug with nss_ldap. ::sigh::
> 
> To resolve this problem I'm setting up 3 ldap servers :-)  Just in case. 
> Otherwise I'm thrilled over our solution.  Now if we could only resolve the
> pam_mkhomedir problem with ssh running privsep :-)
> 
> One thing at a time ::grinz::
> 
> 
> 
> Quoting Justin Zygmont <jzygmont@solarflow.dyndns.org>:
> 
> > oh, that.   what about everything else though, there are examples from the
> > nss-ldap package but I noticed some of them don't even work.  Time to read
> > up on pam:)
> > 
> > 
> > On Mon, 24 Feb 2003, sentinel wrote:
> > 
> > > I have an ldap server and clients running redhat 8.0.  Authconfig modified
> > > the pam files when I enabled ldap authentication.  Actually it didn't modify
> > > sshd however system-auth was modified with the ldap entries.
> > > 
> > > 
> > > 
> > > Quoting Justin Zygmont <jzygmont@solarflow.dyndns.org>:
> > > 
> > > > not the pam files.
> > > > 
> 



_______________________________________________

Pam-list@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list
