Hi,
this is a generic PAM-related question...
Nowadays we use SecurID to authenticate users against the LDAP server.
So, when LDAP users want to access a system they are prompted to enter their
passcode (RSA token).
The problem comes when a local user is created... it's still the RSA server
which asks for a passcode and not the system itself asking for a passwd...
Now, I know that PAM modules are stackable but it seems that I can't find the
magic combination to allow what I want: 1. check if it's a local user and offer
the "password: " prompt, 2. if it's not local, hit LDAP
Has anyone setup such a solution?
TIA,
Martin