Re: Filtering users by group

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: ROGERIO DE CARVALHO BASTOS <rogeriobastos [at] dcc.ufba.br>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: Filtering users by group
Date: Mon, 24 May 2010 11:35:31 -0300

Yes, authorisation didn't ask to pam_ldap because pam_unix alwaysreturns success. I think this is because of nss return ldap's userand pam_unix asks to one. I replace pam_unix by pam_localuser inaccount stack to solve this problem.
Is there one way to do this using pam_unix ?
I want solve this problem less change pam_unix's profile(/usr/share/pam-configs).


I review my pam account configuration and improve it.
This is my final configuration.

# cat /etc/pam.d/common-account
account [new_authtok_reqd=done default=ignore] pam_unix.so
account [success=2 default=ignore]             pam_localuser.so
account [success=1 default=ignore]             pam_ldap.so
account requisite                              pam_deny.so
account required                               pam_permit.so

Stay free to comment one. Thank guys.

--

Rogerio de Carvalho Bastos

http://wiki.dcc.ufba.br/Main/RogerioBastos

--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users

Re: Filtering users by group, (continued)

Prev by Date: Re: Filtering users by group
Next by Date: Debian package dependency
Previous by thread: Re: Filtering users by group
Next by thread: Debian package dependency