Hello,
I've followed one of the online instructions on how to configure my system to use ldap as the user authentication mechanism. below is partial content of my /etc/pam.d/system.auth file:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
auth required
/lib/security/$ISA/pam_deny.so
looking at some online resources about how pam works, it seems that unix authentication is being applied first, and only if it fails, ldap authentication is applied. Am I correct here? In other words if all the users are still in /etc/shadow and /etc/passd files.... ldap is NOT being used for authentication. If I delete the users from /etc/passwd... then LDAP is used.... right>?
thx,
~Hamid