[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ldap/pam problem



On 16 Jun 1999, Rob Browning wrote:

> 
> If so, then when I tried those modifications, I couldn't figure out
> how to get reasonable behavior.  If you have 
> 
>   auth       sufficient pam_ldap.so
>   auth       required   pam_unix_auth.so try_first_pass
> 
> then if the entry is found in ldap, pam returns and you never execute
> things like motd, etc. which is not what you want.

I used this complex invokation, you'll need an appropriately bug-fixed pam
library (Ben, you have my patches..)

auth       requisite  pam_securetty.so
auth       [success=1 default=ignore] pam_unix_auth.so
auth       required   pam_ldap.so use_first_pass
auth       optional   pam_group.so
auth       optional   pam_mail.so

Jason


Reply to: