Hello Jeff, kinit works, also for those account which fail in mod_auth_pam. Any other idea to investigate this problem? Kind regards Harald On Fri, 23 Jul 2010, Jeff Saxton wrote:
Can you "k I n I t" (stupid autocorrect) A short account? Harald Falkenberg <harald.falkenberg@xxxxxxx> wrote: Hallo, I found this list on http://pam.sourceforge.net/mod_auth_pam/ and hope that somebody can help me in understanding the following problem. I migrated an web-site using apache server 1.3.41 with mod_auth_pam v. 1.1.1 from a machine with solaris 8 (sparc) to a maschine with solaris 10 (x86). In both cases I used the same software and just recompiled it. When running the web-site on solaris 10, I noticed that the mod_auth_pam module works fine as on solaris 8, but if the account name length is <= 4 it fails. The httpd service is configured in pam.conf to check against a kerberos 5 server. - The same accounts, with account name length <= 4, can authenticate on the old solaris 8 server. I set pam in debugging mode and compared the function calls and return values of the accounts. In all cases the accounts seem to authenticate successfully. So I was looking for other restrictions or implementation differences between solaris 8 and solaris 10. The accounts I used for tests have in all cases valid passwords and are not expired. Does somebody have an idea on this list what might cause the strange behaviour with the account name length? regards Harald _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
