problems with pam_localuser.so

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



We have two types of servers we are supporting in production.
 
Suse 10.2 and Suse 11.0
 
We have a setup where our Linux servers are integrated with Active directory via samba/winbind/kerberos.
So local linux accounts authenticate normally, and domain accounts go against AD.
 
We had a situation where we have an AD account, that we also want to be a local only linux account.
So we configured pam with the pam_localuser.so module to check if the account is local to the system, and if so, skip the domain login.
 
This is accomplished by the following in common-password
 
password    [default=ignore success=1] pam_localuser.so
password sufficient     pam_winbind.so
password required       pam_unix2.so    nullok

This works great on the 11.0 servers.  When we tried this on the 10.2 servers, entering password only brings up the NT option to change password.
 
On the 10.2 server, when we try and run passwd to test changing local system passwd, in /var/log/messages I see:
PAM unable to resolve symbol: pam_sm_chauthtok
 
If I remove the pam_localuser.so then I no longer see the pam_sm_chauthok messages, but I also can't get passwd command to change account password locally for the account that is AD and local.
 
Any ideas on how to fix or work-around?
 
 
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux