|
hi, i try to contact you to get some help... i try to configure the auth of my all users by a openldap server. So i configure libpam-ldap libnss-ldap (with db in nsswitch.conf) and nss_udatedb (with a cron to update de db users) configure the libpam_ccreds to be able to auth the user even if the network is down (more specially Laptop) So my pam.d/common_auth looks like this : auth sufficient pam_unix.so nullok_secure auth [authinfo_unavail=ignore success=1 default=2] pam_ldap.so use_first_pass debug auth [default=done] \ pam_ccreds.so action="" ccredsfile=/var/db/.security.db use_first_pass auth [default=done] \ pam_ccreds.so action="" ccredsfile=/var/db/.security.db use_first_pass auth [default=bad] \ pam_ccreds.so action="" ccredsfile=/var/db/.security.db use_first_pass if the user is a local user, he is authenticated, if the user is a ldap, and if the ldap server is available, the user is auth and the credential are added to security.db if he user is a ldap and if the ldap server is unavailable, the user is auth throught the security.db All the configuration is OK if network interface is up. If the interface is not configure, after a first auth on the ldap, the user authenticated If a interface is NOT configure (Only loopback) , it take a long, long time, and the user is not auth on the ccreds file. WATH's the problem Is there some configuration to add. The package have been compiled with hard options.... Thank you very much for your help.... Anthony |