[svlug] PAM and LDAP
msalists at gmx.net
Sun Feb 22 01:36:46 PST 2004
A question regarding pam and ldap:
I had a problem with a conflict between LDAP and shadow authentication.
Authentication for root via shadow only worked when the LDAP server was
available - when LDAP was down or the network disconnected, authentication
via shadow would not work either.
I was able to fix this problem by changing one line in
account [default=bad success=ok user_unknown=ignore service_err=ignore
account [default=ignore success=ok user_unknown=ignore
service_err=ignore system_err=ignore] /lib/security/$ISA/pam_ldap.so
This seems to fix the problem, but I am not sure if it will bring some other
problem down the road or inflict security weakness.
Can anybody tell me what this change exactly does (beyond fixing my
More information about the svlug