On Wed, Sep 21, Sir Alec wrote: > Dear Experts, > > I successfully set up an ldap server and some clients can > authenticate. > What I am wondering about is the pam setup: > I thought that the pam_unix2 module does the usual getXbyY calls using > glibc/nss. But unless I specify the pam_ldap module in the pam config. > I cannot log in. > > Is there a document describing the layout? NSS handles getting the struct passwd entry, PAM handles the authentication. pam_unix2 cannot authenticate LDAP users, since the NSS plugin for LDAP does not return crypted passwords. So for this you need the pam_ldap module. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@xxxxxxx SUSE LINUX Products GmbH Maxfeldstr. 5 D-90409 Nuernberg -------------------------------------------------------------------- Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
