On 5/10/07, Alex Samad <alex@samad.com.au> wrote:
On Thu, May 10, 2007 at 10:34:41AM +0200, Martin Marcher wrote: > The solution is in the options pam stack uses: > > /etc/pam.d/common-password: > password sufficient pam_ldap.so ignore_unknown_user > password required pam_unix.so try_first_pass nullok obscure min=4 max=8 > md5 mine looks like password sufficient pam_unix2.so nullok call_modules=ldap password required pam_ldap.so try_first_pass md5
he, so you did it just the other way around. Did you modify the pam.d/other to have a default deny policy because (pam_deny or whatever). Because I'm thinking about it but on the other hand it's just too convenient to have a default config that will allow new services... -- Martin Marcher martin.marcher@gmail.com http://www.mycorners.com https://www.xing.com/profile/Martin_Marcher http://www.linkedin.com/in/martinmarcher http://www.studivz.net/profile.php?ids=9f83ea8c5996b8ec http://www.amazon.de/gp/registry/wishlist/3KDAGCL2NKOIM/ref=reg_hu-wl_goto-registry/302-4432803-5146435?ie=UTF8&sort=date-added