Cant authenticate to LDAP domain with Redhat9

Faehl, Chris cfaehl at rightnow.com
Wed Jul 7 14:32:36 UTC 2004 

I'm not sure how PAM works (eg, if it can't find a specific instance in
pam.d for a given program, fall through and use system-auth), but if it
does work as parenthetically indicated, then the original problem is
that RedHat does ship /etc/pam.d/sshd. If that theory holds, removing
/etc/pam.d/sshd should make system-auth consulted. I've just verified
that this is not what occurs: if /etc/pam.d/sshd does not exist - ya
don't get in (eg, system-auth isn't consulted). 

In short - yes, for every program you want to run that authenticates
against LDAP, the appropriate pam file must be modified.

--
Chris Faehl
Hosting Manager, RightNow Technologies

-----Original Message-----
From: redhat-list-bounces at redhat.com
[mailto:redhat-list-bounces at redhat.com] On Behalf Of Rigler, Steve
Sent: Wednesday, July 07, 2004 5:59 AM
To: General Red Hat Linux discussion list
Subject: RE: Cant authenticate to LDAP domain with Redhat9


That might work fine for now, but what about authentication from a
virtual 
console, gdm, xscreensaver, etc?  And what if, later on, you decide to
add kerberos to the mix?   Hopefully you wouldn't want to go around
messing
with every file in pam.d whenever there's a change (that's what
system-auth
is there for).

-Steve

-----Original Message-----
From: redhat-list-bounces at redhat.com
[mailto:redhat-list-bounces at redhat.com] On Behalf Of Faehl, Chris
Sent: Tuesday, July 06, 2004 5:06 PM
To: redhat-list at redhat.com
Subject: Re: Cant authenticate to LDAP domain with Redhat9

The problem's /etc/pam.d/sshd. 

cp /etc/pam.d/sshd /etc/pam.d/sshd.040706 && cp /etc/pam.d/system-auth
/etc/pam.d/sshd

Problem should then be fixed (I burned several days on this - RedHat's
docs could use 
some revision). 

--
Chris Faehl
Hosting Manager, RightNow Technologies


-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list




-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

More information about the redhat-list mailing list