
Re: pam_ldap not working right



Looking over your files, I see quite a few problems:

1) You need to configure nss_ldap.conf as well as pam_ldap.conf.

2) The lines in nsswitch.conf should really be "files ldap" not "ldap
files", i.e. local data takes precedence.

3) You need to tell pam.d/login to use the same password for pam_unix that
it tried to use for pam_ldap:
  auth    sufficient     pam_ldap.so
  auth    required       pam_unix.so nullok try_first_pass

4) In pam_ldap.conf, it's best not to bind as anyone. pam_ldap will
attempt to bind with the given password and that will be the test. You'll
need to use
  pam_password exop
if you still want to change user passwords with this setup.

If you are still having problems, watch what happens with a packet
sniffer.


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
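The checks from points 2 to 4 of the reply, written as a small linter. This is an added example, not part of the original message: the function names and the sample inputs are constructed for illustration, and `binddn`/`bindpw` are assumed to be the bind settings that point 4 advises leaving out.

```python
import re

def _lines(text):
    """Yield config lines with comments and blank lines stripped."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            yield line

def check_nsswitch(text, dbs=("passwd", "group", "shadow")):
    """Point 2: where ldap is used, 'files' must be listed before it."""
    issues = []
    for line in _lines(text):
        db, _, rest = line.partition(":")
        srcs = [s for s in rest.split() if not s.startswith("[")]
        if db.strip() in dbs and "ldap" in srcs and (
                "files" not in srcs or srcs.index("ldap") < srcs.index("files")):
            issues.append(f"nsswitch {db.strip()}: 'ldap' is consulted before 'files'")
    return issues

def check_pam_auth(text):
    """Point 3: pam_unix after pam_ldap must reuse the password already typed."""
    issues, seen_ldap = [], False
    for line in _lines(text):
        m = re.match(r"auth\s+(?:\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)", line)
        if not m:
            continue
        module, args = m.group(1).rsplit("/", 1)[-1], m.group(2).split()
        if module == "pam_ldap.so":
            seen_ldap = True
        elif module == "pam_unix.so" and seen_ldap and not (
                {"try_first_pass", "use_first_pass"} & set(args)):
            issues.append("pam_unix.so after pam_ldap.so lacks try_first_pass")
    return issues

def check_pam_ldap_conf(text):
    """Point 4: no bind identity configured; pam_password exop for changes."""
    opts = {}
    for line in _lines(text):
        key, *val = line.split(None, 1)
        opts[key.lower()] = val[0].strip() if val else ""
    issues = [f"pam_ldap.conf sets {k}" for k in ("binddn", "bindpw") if k in opts]
    if opts.get("pam_password") != "exop":
        issues.append("pam_password is not 'exop'")
    return issues

# Constructed sample inputs showing the misconfigurations the reply lists.
BAD_NSSWITCH = "passwd: ldap files\ngroup: files ldap\nshadow: ldap\n"
BAD_PAM = "auth sufficient pam_ldap.so\nauth required pam_unix.so nullok\n"
BAD_LDAP_CONF = "host 127.0.0.1\nbinddn cn=admin,dc=example,dc=org\nbindpw secret\n"
```

Each function takes the file contents as a string and returns a list of findings, so an empty list means that file matches the advice above.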


