I am using Linux-PAM-0.77 with pam_tacplus-1.2.9 packages.
With login program, even though the user is authenticated from TACACS+ server, the login program looks in the local passwd and shadow files for the user record. With creating a local account of the user, PAM-TACACS+ cannot be used with login.
Similarly, sshd program looks for access permissions for the user being logged in even before the user is authenticated. This too requires a local account to exist for the user.
What is the solution of this problem. If I want to authenticate the users through TACACS+ server without creating their local accounts, what should be done for that?
There is a problem with session mgmt too. The start of a session is logged at the TACACS+ server but the end of session is not logged. What can be the reason for this?
Sharad
_________________________________________________________________
Mergers, takeovers, buyouts. Get all the latest biz bytes. http://www.msn.co.in/business/ Tune in to MSN Business!
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
