[Fedora-directory-users] Problem with password warning from fds
Jim Summers
jsummers at bachman.cs.ou.edu
Fri Dec 23 15:21:51 UTC 2005
Bliss, Aaron wrote:
> I know this has been talked about, but I'm still having problem with this;
> I'm not receiving a password warning from the directory server; in testing,
> I have accounts set to expire after 9 days with a password warning set to 8
> days; below are my client config files; I'm running fds 1.0.1. any
> thoughts?
Working on the same issue here. For the sake of comparison, what log
entries appear in /var/log/messages (assuming a RH/FC os) when you log
in with the account you are testing with?
Mine shows to be logging in with pam_unix, which is not correct, and I
have not found out why it is not logging in with pam_ldap.
You might want to peruse the archives for this month to see the thread I
have going with Jamie. You might check things such as proxy access,
rootbind, etc...
Sorry I can't be more help, but I am in the same boat as you for the moment.
--jim
Thanks very much.
>
> /etc/pam.d/system-auth
> # User changes will be destroyed the next time authconfig is run.
> auth required /lib/security/$ISA/pam_env.so
> auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
> auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
> auth required /lib/security/$ISA/pam_deny.so
>
> account required /lib/security/$ISA/pam_unix.so broken_shadow
> account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100
> quiet
> account [default=bad success=ok user_unknown=ignore]
> /lib/security/$ISA/pam_ldap.so
> account required /lib/security/$ISA/pam_permit.so
>
> password requisite /lib/security/$ISA/pam_cracklib.so retry=3
> password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok
> md5 shadow
> password sufficient /lib/security/$ISA/pam_ldap.so use_authtok
> password required /lib/security/$ISA/pam_deny.so
>
> session required /lib/security/$ISA/pam_limits.so
> session required /lib/security/$ISA/pam_unix.so
> session optional /lib/security/$ISA/pam_ldap.so
>
> #%PAM-1.0
> auth required pam_stack.so service=system-auth
> auth required pam_nologin.so
> account required pam_stack.so service=system-auth
> password required pam_stack.so service=system-auth
> session required pam_mkhomedir.so skel=/etc/skel/ umask=0007
> session required pam_stack.so service=system-auth
> session required pam_loginuid.so
>
> /etc/pam.d/sshd
> #%PAM-1.0
> auth required pam_stack.so service=system-auth
> auth required pam_nologin.so
> account required pam_stack.so service=system-auth
> password required pam_stack.so service=system-auth
> session required pam_mkhomedir.so skel=/etc/skel/ umask=0007
> session required pam_stack.so service=system-auth
> session required pam_loginuid.so
>
> /etc/ldap.conf file has this entry
> pam_lookup_policy yes
>
>
> www.preferredcare.org
> "An Outstanding Member Experience," Preferred Care HMO Plans -- J. D. Power and Associates
>
> Confidentiality Notice:
> The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received.
>
>
>
>
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Jim Summers
School of Computer Science-University of Oklahoma
-------------------------------------------------
More information about the Fedora-directory-users
mailing list