Re: new user, question about authentication
The simple way to make this work on redhat is by using the command
`authconfig`, however if the directory is unavailable then everything breaks.
To fix that you must change the line in system-auth:
from> account sufficient /lib/security/pam_unix.so
to > account required /lib/security/pam_ldap.so
While this lets you login when ldap is down you have a new problem. See:
jacob walcik wrote:
i've got openldap working for the first time using the rpm's available
with redhat 7.3:
i migrated my configuration/user info with the script that redhat
includes for doing so, however, now i've run into a problem. i have two
machines set up to authenticate against the ldap directory. the one
openldap is running on, and another test box.
on both machines, if i try to log in w/ an account that only exists in
ldap, it fails. if i try to log in with an account that only exists on
the system, it succeeds. if i try to log in w/ an account that exists
in both, only the password for the system works.
i can look in my messages log and see that the login was handled by
pam_unix, however i don't see any failures (or any messages at all) from
pam_ldap. according to the ldap docs on openldap.org (quickstart guide
and the integration chapter) and redhat.com i've added the correct
entries to /etc/ldap.conf and /etc/openldap/slapd.conf. can someone get
me pointed in the right direction for where to go from here?
passwd: ldap files nisplus
shadow: ldap files nisplus
group: ldap files nisplus
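
The following is an added example, not part of either message and not authconfig's actual output: a simplified model of how PAM's `required` and `sufficient` control flags and line order decide the account result when the directory is unreachable. The two stacks combine the account lines quoted in the reply in an assumed order, and the module results are constructed inputs, not observed behaviour of pam_unix or pam_ldap.

```python
# Added example: simplified model of Linux-PAM's classic control flags.
# Only required/requisite/sufficient are modelled; "optional" and the
# [value=action] syntax are rejected rather than guessed at.

# Constructed stacks built from the two account lines quoted in the message.
UNIX_FIRST = """\
account sufficient /lib/security/pam_unix.so
account required   /lib/security/pam_ldap.so
"""
LDAP_FIRST = """\
account required   /lib/security/pam_ldap.so
account sufficient /lib/security/pam_unix.so
"""

def parse(text, group="account"):
    """Return [(control, module_file)] for one management group."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3 and fields[0] == group:
            entries.append((fields[1], fields[2].rsplit("/", 1)[-1]))
    return entries

def evaluate(entries, results):
    """results: module_file -> True (PAM_SUCCESS) or False (any error).
    Returns (allowed, modules_called_in_order)."""
    failed = succeeded = False
    called = []
    for control, module in entries:
        ok = results[module]
        called.append(module)
        if control == "requisite" and not ok:
            return False, called          # fail at once, skip the rest
        if control in ("required", "requisite"):
            succeeded, failed = succeeded or ok, failed or not ok
        elif control == "sufficient":
            if ok and not failed:
                return True, called       # success ends the stack here
            # a failing "sufficient" module is ignored
        else:
            raise ValueError(f"control not modelled: {control}")
    return succeeded and not failed, called

# Constructed inputs: a local account while the directory is unreachable.
LDAP_DOWN_LOCAL_USER = {"pam_unix.so": True, "pam_ldap.so": False}

if __name__ == "__main__":
    for name, stack in (("unix first", UNIX_FIRST), ("ldap first", LDAP_FIRST)):
        print(name, evaluate(parse(stack), LDAP_DOWN_LOCAL_USER))
```

With the same constructed inputs, the unix-first stack allows the local account without ever calling pam_ldap, while the ldap-first stack denies it because the earlier `required` failure cannot be overridden.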