Hi, We recently upgraded to 8.3.9 (from 8.3.6) because we were having the issue described in the fix below. Our postgres user and other domain users with pam authentication were getting locked out, in accords with our group domain policy 10 failed login attemps in 30 minutes. I included some information about our environment below. Sadly, after the upgrade to 8.3.9, we are still experiencing this issue. Has any one else reported this issue still exists, after the 8.3.9 fix below? Thanks in advance, ~DjK ## Fix PAM password processing to be more robust (Tom) The previous code is known to fail with the combination of the Linux pam_krb5 PAM module with Microsoft Active Directory as the domain controller. It might have problems elsewhere too, since it was making unjustified assumptions about what arguments the PAM stack would pass to it. ## Linux and AD The AD is running at a domain functional level of Windows Server 2003, however the schema is updated to Windows Server 2008. Linux OS: SLES 9 sp4 2.6.5-7.308-smp #1 SMP Mon Dec 10 11:36:40 UTC 2007 x86_64 x86_64 x86_64 GNU/Linux ## PAM -- postgres auth required pam_unix2.so nullok account required pam_unix2.so ## nsswitch.conf -- passwd: compat group: compat hosts: files dns networks: files dns services: files protocols: files rpc: files ethers: files netmasks: files netgroup: files publickey: files bootparams: files automount: files nis aliases: files passwd_compat: ldap group_compat: ldap Hotmail: Trusted email with Microsoft’s powerful SPAM protection. Sign up now. |