1. reads a config file into arguments
2. looks at local accounts for current pam_get_user()
3. if no local acct. present connects to ldap and looks for user
4. if user present in ldap the local account gets created so the pam_krb5 module can map the ticket to the local account
my problem is this, everything is working but currently you have to input your username & password combination twice due to the account creation process. I have tried the following trying to get it working;
1. tried forking the local account creation
2. tried forking the local account home directory setup
3. tried forking the ldap search
4. tried forking the entire pam_sm_authenticate() functions which resulted in everything else showing up in the logs after pam_krb5 ran
I need to know of a way maybe in the configuation of the pam stack to require it to pause before moving on to the next pam module in the list...
any help on this would be great, oh yeah i can't use the pam_mkhomedir.so because the account and home directory information needs to be present *prior* to kerberos and the ticket mapping portion of their authentication. =)
-- Jason Gerfen
"...Sometimes I just yell at myself. And it makes me sad, sometimes I make myself cry..." ~ My nephew Dawsyn
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list