LDAP Authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am attempting to setup LDAP authentication for non-system users. 
Everything appears to work just find using auth-config to setup a RH9
system.  root ( a local account ) can login just fine, as can ldap
defined users when the box can bind to the ldap server.  The problem
occurs when ldap becomes unavailable.  I lose the ability to log in at
all.  Of course the ldap defined accounts won't be able to log in, but
root should be able to.  Instead the system appears to hang for about
one minute and then it returns me to the login prompt.  There is nothing
in the system logs either.  Any ideas will be appreciated.  

------- /etc/pam.d/system-auth -------
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/$ISA/pam_ldap.so use_first_pass
auth        required      /lib/security/$ISA/pam_deny.so
 
account     required      /lib/security/$ISA/pam_unix.so
account     [default=die success=done user_unknown=ignore
service_err=ignore system_err=ignore authinfo_unavail=ignore]
/lib/security/$ISA/pam_ldap.so 
password    required      /lib/security/$ISA/pam_cracklib.so retry=3
type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok
use_authtok md5 shadow
password    sufficient    /lib/security/$ISA/pam_ldap.so use_authtok
password    required      /lib/security/$ISA/pam_deny.so
 
session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so
session     optional      /lib/security/$ISA/pam_ldap.so 

-------- /etc/nsswitch.conf -------
<snip>
passwd:     files ldap
shadow:     files ldap
group:      files ldap
</snip>

Thank you,
Kevin


-- 
Kevin Reck
Information Systems
University of Wisconsin - Extension
kevin.reck@xxxxxxxx
(608) 262-2057


_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux