tls, pam_ldap and /etc/passwd


I have been banging my head against a problem for a while now, and I could use 
a hand.  Maybe you could help, or point me to help.

We have set up an OpenLDAP server running on Red Hat Linux 7.2.  I have created 
a database and have more than one system working fine using the pam_ldap 
modules.  However, when I activate TLS, PAM requires me to have a user to 
match the LDAP user in the system's local /etc/passwd file.  This rather 
defeats my goals for using LDAP in the first place.

Basically, if TLS is off, then everything works OK, pulling non-local users 
from LDAP.  If I turn TLS on, then LDAP will not authenticate unless there is 
a user in /etc/passwd.

It is entirely possible that this is performing as designed.  I have been 
unable to find any definitive statements on this.

Anything you could point me to would be greatly appreciated.


