Re: problem with PAM and LDAP
On Thu, 23 Aug 2001, Jeremy T. Bouse wrote:
> I believe that should be "try_first_pass" not "use_first_pass"...
Depends on what you actually want. 'try_first_pass' means that if the
password pam_unix receives from pam_ldap is wrong, pam_unix is allowed to
prompt for another one. Sometimes you want this, sometimes you don't.
Steve Langasek
postmodern programmer
> On Thu, Aug 23, 2001 at 09:24:51PM +0200, Roland Bauerschmidt wrote:
> > Russell Coker wrote:
> > > Also as a further complication, I want to have pam_unix.so listed before
> > > pam_ldap.so so that if there is a network problem causing LDAP timeouts I can
> > > still login as root.
> >
> > I use
> > pam_ldap.so sufficient
> > pam_unix.so required use_first_pass
> >
> > which works fine even if the ldap server is down.
> >
>
>
>
Reply to: