tls, pam_ldap and /etc/passwd
I have been banging my head against a problem for a while now, and I could use
a hand. Maybe you could help, or point me to help.
We have set up an OpenLDAP server running on Red Hat Linux 7.2. I have created
a database and have more than one system working fine using the pam_ldap
modules. However, when I activate TLS, PAM requires me to have a user to
match the LDAP user in the system's local /etc/passwd file. This rather
defeats my goals for using LDAP in the first place.
Basically if TLS is off, then everything works OK, pulling non-local users
from LDAP. If I turn TLS on, then LDAP will not authenticate unless there is
a user in /etc/passwd.
It is entirely possible that this is performing as designed. I have been
unable to find any definitive statements on this.
Anything you could point me to would be greatly appreciated.