passwd command with pam_ldap

From: Bousquet Francois (Francois.Bousquet@cgi.ca)
Date: Mon Sep 13 2004 - 09:09:05 EDT

• Next message: Jun Zhu: "Please ignore test mail, haven't received mail for whole weekend."
• Previous message: Shen Yuguo: "ultra 60 serial console"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I am using pam_ldap/nss_ldap to authenticate Solaris (7,8 or 9) on an
OpenLDAP server.

Everything is working fine for authentication but I am not able to use the
passwd command on local user (and LDAP user too, but that is not a big deal,
since I got a perl script to do that).

The passwd command is doing no output and is returning to prompt (no syslog
entry)

# id
uid=0(root) gid=1(other)
# passwd bousquf
#

Does anyone have experience running pam_ldap/nss_ldap on Solaris connecting
to a OpenLDAP slapd ?

Here is my /etc/pam.conf file :

# PAM configuration
#
# Authentication management
#
login auth sufficient /usr/lib/security/pam_unix.so.1
login auth required /usr/lib/security/pam_ldap.so.1 use_first_pass
login auth required /usr/lib/security/pam_dial_auth.so.1
#
rlogin auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
rlogin auth sufficient /usr/lib/security/pam_unix.so.1
rlogin auth required /usr/lib/security/pam_ldap.so.1 use_first_pass
#
dtlogin auth sufficient /usr/lib/security/pam_unix.so.1
dtlogin auth required /usr/lib/security/pam_ldap.so.1 use_first_pass
#
rsh auth required /usr/lib/security/pam_rhosts_auth.so.1
#
other auth sufficient /usr/lib/security/pam_unix.so.1
other auth required /usr/lib/security/pam_ldap.so.1 use_first_pass
#
# Account management
#
login account sufficient /usr/lib/security/pam_unix.so.1
login account required /usr/lib/security/pam_ldap.so.1
#
dtlogin account sufficient /usr/lib/security/pam_unix.so.1
dtlogin account required /usr/lib/security/pam_ldap.so.1
#
other account sufficient /usr/lib/security/pam_unix.so.1
other account required /usr/lib/security/pam_ldap.so.1
#
# Session management
#
other session required /usr/lib/security/pam_unix.so.1
#
# Password management
#
other password sufficient /usr/lib/security/pam_unix.so.1
other password required /usr/lib/security/pam_ldap.so.1
use_first_pass
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Jun Zhu: "Please ignore test mail, haven't received mail for whole weekend."
• Previous message: Shen Yuguo: "ultra 60 serial console"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:29:26 EDT