Trouble syncing passwords
Ian Mortimer
ian at physics.uq.edu.au
Mon Feb 20 02:35:26 UTC 2006
On Fri, 2006-02-17 at 00:43 -0600, Todd Pytel wrote:
> I've been trying variations on:
>
> password sufficient pam_unix.so md5 shadow
> password required pam_krb5.so try_first_pass
> password required pam_ldap.so try_first_pass use_authtok
I've got a similar setup here without ldap and this works:
password requisite pam_cracklib.so retry=3
password requisite pam_unix.so nullok use_authtok shadow
password optional pam_krb5.so use_authtok try_first_pass
pam_krb5 understands try_first_pass in password context but not
all modules do. (pam_unix doesn't so it has to come before
pam_krb5 in our configuration.)
--
Ian
More information about the Pam-list
mailing list