Displaying 1 result from an estimated 1 matches for "local_pass".
Did you mean:
local_part
2007 Sep 06
0
[Resolved] Found a way of allowing pam_ldap users (with pam_groupdn or pam_check_host_attr restrictions), AND allowing local root authentication, without pam_unix.so taking presense due to getpwent() returns ldap-users
...x.so and pam_ldap.so
plays well together:
The recommended setup, UNIX and LDAP logins work, but
groupdn/check_host_attr restrictions dosn't:
account sufficient /usr/local/lib/pam_ldap.so
account required pam_login_access.so
account required pam_unix.so local_pass
You want only LDAP users, and no local root-account, this works:
account sufficient /usr/local/lib/pam_ldap.so
account required pam_login_access.so
account required pam_deny.so
This is what I ended up as a quickfix, until pam_unix.so is playing
right again...