I have linux server which is joined to AD Domain.
One of domain user has (test/dompasswd) same name as local user on machine (test/localpasswd) but has different password.
My application calls pam_authenticate() API(Linux-PAM-0.99.3.0).
A)When I call pam_authenticate() for user string <DOMAIN_NAME>\test it succeeds with only domain password (dompasswd ) and fails with localpasswd.(this is expected).
B)When I call pam_authenticate() for userstring without Domain name "test" it return SUCCESS with both the passwords( local passwd and domain password).
for B) my appilcation is not able to identify whether user test is authenticated against local user or domain user.
One of domain user has (test/dompasswd) same name as local user on machine (test/localpasswd) but has different password.
My application calls pam_authenticate() API(Linux-PAM-0.99.3.0).
A)When I call pam_authenticate() for user string <DOMAIN_NAME>\test it succeeds with only domain password (dompasswd ) and fails with localpasswd.(this is expected).
B)When I call pam_authenticate() for userstring without Domain name "test" it return SUCCESS with both the passwords( local passwd and domain password).
for B) my appilcation is not able to identify whether user test is authenticated against local user or domain user.
In some specific scenario where I want user to be authenticated only against local database and not against Domain database.
Can I use any other PAM API instead of pam_authenticate()?
or is there any way we can identify after authentication that , the user which is authenticated is local user or domain user?
Regards
Rupesh
Can I use any other PAM API instead of pam_authenticate()?
or is there any way we can identify after authentication that , the user which is authenticated is local user or domain user?
Regards
Rupesh
Explore your hobbies and interests. Click here to begin.
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
