[FC2] pam_ldap and root user
damiano.albani at univ-lr.fr
damiano.albani at univ-lr.fr
Tue Jun 1 14:11:12 UTC 2004
Quoting Lionel LENOBLE <lenoble at cip.dauphine.fr>:
> Here's mine :
>
> #%PAM-1.0
> # This file is auto-generated.
> # User changes will be destroyed the next time authconfig is run.
> auth required /lib/security/pam_env.so
> auth sufficient /lib/security/pam_unix.so likeauth nullok
> auth sufficient /lib/security/pam_ldap.so use_first_pass
> auth required /lib/security/pam_deny.so
>
> account required /lib/security/pam_unix.so
> account [default=bad success=ok user_unknown=ignore service_err=ignore
> system_err=ignore] /lib/security/pam_ldap.so
>
> password required /lib/security/pam_cracklib.so retry=3
> password sufficient /lib/security/pam_unix.so nullok use_authtok md5
> shadow
> password sufficient /lib/security/pam_ldap.so use_authtok
> password required /lib/security/pam_deny.so
>
> session required /lib/security/pam_limits.so
> session required /lib/security/pam_unix.so
>
> Hope that'll help !
> works fine for me :)
>
> Lionel LENOBLE.
And are you sure that *no* LDAP requests are sent on the network when you log in
as root ? (by sniffing with Ethereal for example)
Thanks,
--
Damiano ALBANI
More information about the Pam-list
mailing list