[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: System user login fails if ldap goes down.

To: openldap-technical@openldap.org
Subject: Re: System user login fails if ldap goes down.
From: Buchan Milne <bgmilne@staff.telkomsa.net>
Date: Thu, 3 Feb 2011 16:36:35 +0200
Cc: Meghanand Acharekar <vasco.debian@gmail.com>
In-reply-to: <AANLkTikV1nFUbWPbDAGdaddoVcY+2u7jT9hDLiU6gdKT@mail.gmail.com>
References: <AANLkTikV1nFUbWPbDAGdaddoVcY+2u7jT9hDLiU6gdKT@mail.gmail.com>
User-agent: KMail/1.13.3 (Linux/2.6.33.7-desktop-2.1mnb; KDE/4.4.3; x86_64; ; )

On Thursday, 3 February 2011 14:34:21 Meghanand Acharekar wrote:
> Hi,
> 
> I have configured a mixed authentication systems (LDAP + System Users).
> On this system some users are configure to login via ldap rest as system
> users.
> I observed that if the ldap server goes down, system users also not able to
> login.
> Is there any way to prevent this, following my pam configuration.
> 
> system-auth :
> 
> auth        required      pam_env.so
> auth        sufficient    pam_unix.so nullok try_first_pass
> auth        requisite     pam_succeed_if.so uid >= 500 quiet
> auth        sufficient    pam_ldap.so use_first_pass
> auth        required      pam_deny.so
> 
> account     required      pam_unix.so broken_shadow
> account     sufficient    pam_succeed_if.so uid < 500 quiet

Replace the above line with:
account sufficient pam_localuser.so

If you have pam_localuser.so available (you didn't mention which distro, but 
it seems to be RH-derived).

Regards,
Buchan

Follow-Ups:
- Re: System user login fails if ldap goes down.
  - From: Meghanand Acharekar <vasco.debian@gmail.com>

References:
- System user login fails if ldap goes down.
  - From: Meghanand Acharekar <vasco.debian@gmail.com>

Prev by Date: Re: Transparent proxy, (objectClass=user) not being relayed. Schema issue?
Next by Date: Re: Transparent proxy, (objectClass=user) not being relayed. Schema issue?
Index(es):
- Chronological
- Thread