Re: problem with PAM and LDAP
On Sat, 25 Aug 2001 10:35, Sami Haahtinen wrote:
> > So my question is, is this a bug in libpam-ldap that should be fixed by
> > moving it to the "auth" section? Or is there something in PAM setup that
> > I should change to solve this? Or should it be checked in both "auth"
> > and "account"?
>
> i brought the question up on pamldap list, and so far i haven't gotten
> any answer why pam_min_uid and pam_max_uid is not checked in auth
> queries..
>
> one explanation was that account section does the actual validation if
> the user has the right to access the service in question..
>
> i haven't tried this, or seen how it works.. but basically it does it's
> job.. wether it shows info if the login went ok, that i don't know, but
> for what i think it should not look any different to the user wether he
> has the wrong password or is restricted with pam_min_uid or
> pam_max_uid..
Hmm. Well my desire is for the pam_min_uid and pam_max_uid conditions to
give the same result that would result if the entry was not in the LDAP at
all.
--
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page
Reply to: