Re: LDAP authentication with PAM
Previously Brian May wrote:
> 1. pam_lastlog, pam_motd, pam_mail, etc do not appear to get used if
> pam_unix is used. I think this is because pam_ldap fails, and further
> processing is stopped.
That is because you used `sufficient' instead of `required' for
pam_unix: that one succeeds and PAM doesn't bother to process
the rest anymore.
> 2. pam_unix always seems to be used though as account information can
> be found via NSS. So pam_ldap probably is never tried, at least for
> the session, account and password management.
See above :)
Wichert.
--
________________________________________________________________
/ Generally uninteresting signature - ignore at your convenience \
| wichert@cistron.nl http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Reply to: