Re: pam_authz_search not considered

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: "Lakshmi Narasimhan, Premkumar (RIS-ORL)" <Premkumar.Narasimhan [at] lexisnexis.com>, "nss-pam-ldapd-users [at] lists.arthurdejong.org" <nss-pam-ldapd-users [at] lists.arthurdejong.org>
Subject: Re: pam_authz_search not considered
Date: Wed, 28 Oct 2015 22:51:16 +0100

On Wed, 2015-10-28 at 13:27 +0000, Lakshmi Narasimhan, Premkumar (RIS-
ORL) wrote:
> I am trying to setup LDAP authentication for VSFTPD. Also i need to
> IP validation so i am trying to use pam_authz_search (&(id=$rhost)),
> but I don’t see this applied as a filter in LDAP request. Please
> provide you valuable inputs.

The pam_authz_search option is only used in the authorisation (account)
phase of the PAM stack. Your debug log only contains information from
the authentication (auth) phase.

Your PAM configuration probably does not call pam_ldap.so for
authorisation it for some reason skips it when another module already
returns success.

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

pam_authz_search not considered, Lakshmi Narasimhan, Premkumar (RIS-ORL)
- Re: pam_authz_search not considered, Arthur de Jong

Prev by Date: Re: nss-pam-ldapd
Next by Date: RE: pam_authz_search not considered
Previous by thread: pam_authz_search not considered
Next by thread: RE: pam_authz_search not considered