[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Solaris PAM Configuration Problems

Hello list-people!

Once again I'm not quite sure whether this is the right list to look for an answer,
but I'll bother you anyway ;-)

I have a problem, possibly PAM-related, with loggin in on my Solaris-server with
an LDAP-account. Local (Solaris), as well as NIS related accounts can log in without
any problem (using both console, as ssh).

The LDAP-configuration for nss_ldap (and probably pam_ldap as well) is OK, which
I have tested looking at files belonging to this LDAP-user. His name and group are displayed
properly, and are in LDAP only.

The message the Solaris server gives me when I try to log in as this particular user is:

Dec 17 16:44:58 moonie login: [ID 432192 auth.alert] User ldapuser needs Secure RPC credentials to login.

These "Secure RPC credentials" seem to be something particular for Solaris, and I think it's
checked using some pam-module. My (oh god, old, but I don't dare to change it) pam.conf
file is at the bottom of this text.

Anybody seen this before, and possibly capable of helping me out, please let me know and you
can expect my eternal appreciation!

Thanks in advance,

Maarten Buiter
Amsterdam, The Netherlands

#ident  "@(#)pam.conf 1.19     95/11/30 SMI"
# PAM configuration
# Authentication management
login   auth sufficient /usr/lib/security/$ISA/pam_unix.so.1
login   auth required   /usr/lib/security/$ISA/pam_ldap.so.1 try_first_pass
#rlogin  auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
rlogin  auth sufficient /usr/lib/security/$ISA/pam_unix.so.1
rlogin  auth required   /usr/lib/security/$ISA/pam_ldap.so.1 try_first_pass

# sshd Modules, using LDAP
sshd   auth sufficient /usr/lib/security/$ISA/pam_unix.so.1
sshd   auth required   /usr/lib/security/$ISA/pam_ldap.so.1 try_first_pass

dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1
other auth required /usr/lib/security/$ISA/pam_unix.so.1
# Account management
login account requisite /usr/lib/security/$ISA/pam_roles.so.1
login account required /usr/lib/security/$ISA/pam_projects.so.1
login account sufficient /usr/lib/security/$ISA/pam_unix.so.1
login account sufficient /usr/lib/security/$ISA/pam_ldap.so.1
dtlogin account requisite /usr/lib/security/$ISA/pam_roles.so.1
dtlogin account required /usr/lib/security/$ISA/pam_projects.so.1
dtlogin account required /usr/lib/security/$ISA/pam_unix.so.1
other account requisite /usr/lib/security/$ISA/pam_roles.so.1
other account required /usr/lib/security/$ISA/pam_projects.so.1
other account required /usr/lib/security/$ISA/pam_unix.so.1
# Session management
other session required /usr/lib/security/$ISA/pam_unix.so.1
# Password management
other password sufficient /usr/lib/security/$ISA/pam_unix.so.1
other password required /usr/lib/security/$ISA/pam_ldap.so.1
#dtsession auth required /usr/lib/security/$ISA/pam_unix.so.1
#rlogin auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#login auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#other auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
#dtlogin account optional /usr/lib/security/$ISA/pam_krb5.so.1
#other account optional /usr/lib/security/$ISA/pam_krb5.so.1
#other session optional /usr/lib/security/$ISA/pam_krb5.so.1
#other password optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []