via Active Directory authentication, using the system-config-authentication
GUI. Users can login OK with either local authentication or AD authentication.
However, two system commands are misbehaving. useradd refuses to
add someone to the system if they are found in AD. The error
is simply in the form of "useradd: user john exists". I've heard
the passwd command may also be trying to update the password
on AD rather local.
We can work around the problem by running the GUI system-config-users
- this works fine to create new users or set the local password.
So I wonder if pam settings for the system-config-users
GUI are somehow giving us local target for the user creation commands.
Running strings on the useradd command I don't find any pam reference.
There is no pam.d entry for the useradd command as a file named useradd.
Our intentions are to use AD to authenticate only, not to allow users to manage
their password or anything about their AD account from the Linux host.
Can anyone give a hint about what we should adjust to point useradd
and passwd commands to local mechanisms?
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
