Validating root when LDAP server is down

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

I've configured my RHEL 2.1 with pam support. My LDAP Server is SunOne Directory 5.2. All users are validate in LDAP server except root.

All it's right when the ldap server is running, but if the ldap server is down, root user cannot validate in the system.

My configuration files are:

- /etc/nsswitch.conf

passwd:     files nisplus ldap
shadow:     files nisplus ldap
group:      files nisplus ldap

- /etc/pam.d/login

#%PAM-1.0
auth       required	/lib/security/pam_securetty.so
auth       required	/lib/security/pam_stack.so service=system-auth
auth       required	/lib/security/pam_nologin.so
account    required	/lib/security/pam_stack.so service=system-auth
password   required	/lib/security/pam_stack.so service=system-auth
session    required	/lib/security/pam_stack.so service=system-auth
session	   required	/lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022
session    optional	/lib/security/pam_console.so

- /etc/pam.d/system-auth

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/pam_ldap.so use_first_pass
auth        required      /lib/security/pam_deny.so

account required /lib/security/pam_unix.so
account [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/pam_ldap.so

password required /lib/security/pam_cracklib.so retry=3 type=
password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/pam_ldap.so use_authtok
password required /lib/security/pam_deny.so

session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so
session     optional      /lib/security/pam_ldap.so

What it's wrong? What have I make to solve the problem?

Thanks in advance,

_________________________________________________________________
STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail


--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]

  Powered by Linux