I have a problem on PAM configuration on RHEL 4 and 5.
Let me explain you the problem :
I have a ldap database and I configure PAM to make users able to log into RHEL hosts.
That works fine !
After I configure SUDO to deport sudoers into LDAP, that works fine too..
Now, I want ldap users able to run "sudo su - localUser" and to enter *only* his Ldap password.
to make it more clear, let's take a example :
toto : local user with PWD1
testLdapUser : ldap user with PWD 2
I want a user able to do this :
1. ssh testLdapUser@host => enter PWD2 (OK)
2. sudo su - toto => enter only PWD2 (KO user have to enter PWD1 then PWD2)
Is it possible to do this ?
If yes, how ?
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list