lists.arthurdejong.org
RSS feed

Re: pam_authz_search not considered

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: pam_authz_search not considered



On Wed, 2015-10-28 at 13:27 +0000, Lakshmi Narasimhan, Premkumar (RIS-
ORL) wrote:
> I am trying to setup LDAP authentication for VSFTPD. Also i need to
> IP validation so i am trying to use pam_authz_search (&(id=$rhost)),
> but I don’t see this applied as a filter in LDAP request. Please
> provide you valuable inputs.

The pam_authz_search option is only used in the authorisation (account)
phase of the PAM stack. Your debug log only contains information from
the authentication (auth) phase.

Your PAM configuration probably does not call pam_ldap.so for
authorisation it for some reason skips it when another module already
returns success.

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/