[rhn-users] pam_ldap authentication against AD
Tom Hodder
tom at ecnow.co.uk
Mon Feb 6 21:35:21 UTC 2006
Hi,
I am using RHEL3 configured to use pam_ldap and microsoft Active
Directory LDAP as an authentication backend.
It seems that if no password has been set for the AD user, then the user
can login using any string as a password except a blank password. I
looked at the string stored in the AD ldap for msSFU30password, and the
value is "ABCD!efgh12345$67890"
So the default behaviour for pam_ldap is to allow any password for these
users, which is not good.
Can I change this behaviour?
Thanks,
Tom
More information about the rhn-users
mailing list