Dear list, After installing a new server, we ran into some accounts which can't authenticate. In short, I can find just two common symptoms: a) all accounts are NIS accounts b) pam_authenticate() returns error 6: "Permission denied". The problem manifests itself on a small percentage of our accounts. All accounts are created equal, using a script. The accounts have a valid md5-crypted password. Changing the password doesn't work (the account remains locked/unusable). Failing accounts can be old account (from before installing the server) or new accounts. The accounts do work on other servers with older PAM versions (such as 0.99.6.3-29.1). The accounts are listed correctly by both 'ypcat passwd' and 'getent passwd'. The accounts never expire and aren't locked. "Permission denied" on pam_authenticate() is undocumented. The problem manifests itself on all services. The configuration of the machine: auth required pam_env.so auth sufficient pam_unix2.so auth sufficient pam_ldap.so use_first_pass ---- nsswitch.conf: passwd: files nis ldap shadow: files nis ldap ---- opensuse 11.0 with pam 1.0.1-8.1 I'm at a loss here. I've got no clue where to find the problem. Any pointers would be greatly appriciated. -- Met vriendelijke groet, Erik Hensema / HostingXS Internet Services _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
