Hi, I have Linux stations using Novell NDS / eDirectory for authentification. Works fine so far if I have local accounts in /etc/passwd (password desactivited in /etc/shadow). What is the necessary config for logging *without* a local account in /etc/passwd? I also use pam_mount and it works fine. /etc/nsswitch.conf passwd: ldap files shadow: ldap files group: ldap files ============================ /etc/security/pam_mount.conf debug 1 mkmountpoint 1 lsof /usr/bin/lsof options_require nosuid,nodev luserconf .pam_mount.conf smbmount /bin/mount -t smbfs ncpmount /bin/mount -t ncpfs umount /bin/umount lclmount /bin/mount -p0 volume * ncp novell_name_of_server usr/cti/& /home/& ipserver=unix_name_of_server,user=&.novell_context,uid=&,gid=users - - ============================ /etc/ldap.conf host mialplacidus base ou=cti,ou=aca82,ou=d,o=nhp ldap_version 3 port 636 pam_password crypt sslpath /etc/ssl/certs/cert7.db nss_base_passwd <context> nss_base_shadow <context> nss_base_group <context> ssl on tls_cacertdir /etc/ssl/certs =========================== /etc/security/pam_unix2.conf auth: use_ldap nullok account: use_ldap password: use_ldap nullok session: none =========================== /etc/pam.d/login #%PAM-1.0 auth requisite pam_unix2.so nullok auth required pam_securetty.so auth required pam_nologin.so #auth required pam_homecheck.so auth required pam_env.so auth required pam_mail.so account required pam_unix2.so password required pam_pwcheck.so nullok password required pam_unix2.so nullok use_first_pass use_authtok session required pam_unix2.so none # debug or trace session required pam_limits.so session required pam_mount.so use_first_pass auth required pam_mount.so use_first_pass =========================== Thanks, Yann -- OSS consultant Centre des Technologies de l'Information Etat de Genève 82 rue des Acacias 1227 Carouge (GE) Tél. +41-22-325 11 62 _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
