Re: LDAP Authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



That's the same line I have ... I still can't get in.

Kevin


On Tue, 2003-09-09 at 13:14, Oliver Schulze L. wrote:
> Hi,
> this answered the other day.
> Configure /etc/pam.d/system-auth with this line:
> 
> account     required      /lib/security/$ISA/pam_unix.so
> # patch from bug #55193 at bugzilla.redhat.com
> account     [default=bad success=ok user_unknown=ignore 
> service_err=ignore system_err=ignore authinfo_unavail=ignore] 
> /lib/security/$ISA/pam_ldap.so
>                                                                                 
> 
> It works for me in RH9
> 
> HTH
> Oliver
> 
> Kevin Reck wrote:
> 
> >I am attempting to setup LDAP authentication for non-system users. 
> >Everything appears to work just find using auth-config to setup a RH9
> >system.  root ( a local account ) can login just fine, as can ldap
> >defined users when the box can bind to the ldap server.  The problem
> >occurs when ldap becomes unavailable.  I lose the ability to log in at
> >all.  Of course the ldap defined accounts won't be able to log in, but
> >root should be able to.  Instead the system appears to hang for about
> >one minute and then it returns me to the login prompt.  There is nothing
> >in the system logs either.  Any ideas will be appreciated.  
> >
> >------- /etc/pam.d/system-auth -------
> >auth        required      /lib/security/$ISA/pam_env.so
> >auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
> >auth        sufficient    /lib/security/$ISA/pam_ldap.so use_first_pass
> >auth        required      /lib/security/$ISA/pam_deny.so
> > 
> >account     required      /lib/security/$ISA/pam_unix.so
> >account     [default=die success=done user_unknown=ignore
> >service_err=ignore system_err=ignore authinfo_unavail=ignore]
> >/lib/security/$ISA/pam_ldap.so 
> >password    required      /lib/security/$ISA/pam_cracklib.so retry=3
> >type=
> >password    sufficient    /lib/security/$ISA/pam_unix.so nullok
> >use_authtok md5 shadow
> >password    sufficient    /lib/security/$ISA/pam_ldap.so use_authtok
> >password    required      /lib/security/$ISA/pam_deny.so
> > 
> >session     required      /lib/security/$ISA/pam_limits.so
> >session     required      /lib/security/$ISA/pam_unix.so
> >session     optional      /lib/security/$ISA/pam_ldap.so 
> >
> >-------- /etc/nsswitch.conf -------
> ><snip>
> >passwd:     files ldap
> >shadow:     files ldap
> >group:      files ldap
> ></snip>
> >
> >Thank you,
> >Kevin
> >
> >
> >  
> >
-- 
Kevin Reck
Information Systems
University of Wisconsin - Extension
kevin.reck@xxxxxxxx
(608) 262-2057


_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux