04-21-2006, 09:28 AM   #1
cbtg2006
FC5 /etc/pam.d/login ldap configuration?


Hi guys,

I've got LDAP working on my FC5 box; now I want to be able to log in using the domain user names and passwords. ldapsearch and getent password work fine.

I'm using Services for UNIX and Windows Server 2003 AD.

Had this working on FC4, but the /etc/pam.d/login and /etc/pam.d/gdm config seems to be different.

Current setup is:

################################# /etc/pam.d/login ##########################
#%PAM-1.0
######### Initial Login Prompt #########

auth required pam_securetty.so
auth required pam_nologin.so

######## Authorise User and Obtain Krb Ticket ######

auth required pam_mount.so
auth optional pam_krb5.so use_first_pass
auth sufficient pam_ldap.so use_first_pass
auth required pam_unix.so use_first_pass
# auth required pam_stack.so service=system-auth
auth required pam_nologin.so

######## Fetch User Information ########

account required pam_access.so
account sufficient pam_ldap.so use-first_pass
account required pam_unix.so use_first_pass
account required pam_nologin.so
# account required pam_stack.so service=system-auth

######## Password Management ########

password required pam_cracklib.so
password required pam_unix.so shadow md5 use_authtok
password sufficient pam_ldap.so use_authtok
password required pam_mount.so use_authtok shadow md5

# password required pam_stack.so service=system-auth

######### Session ########

session required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel umask=0077
session optional pam_mount.so shadow md5 use_authtok

# pam_selinux.so close should be the first session rule

session required pam_selinux.so close

#session required pam_stack.so service=system-auth
#session optional pam_console.so

# pam_selinux.so open should be the last session rule

session required pam_selinux.so multiple open

##########################################################


#################### /etc/pam.d/gdm ######################

#%PAM-1.0
auth required pam_env.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
auth required pam_mount.so use_first_pass
auth sufficient pam_ldap.so use_first_pass
auth optional pam_krb5.so use_first_pass
account required pam_stack.so service=system-auth
account sufficient pam_ldap.so use_first_pass
password required pam_stack.so service=system-auth
password sufficient pam_ldap.so use_first_pass
session required pam_stack.so service=system-auth
session optional pam_console.so
session required pam_mkhomedir.so skel=/etc/skel umask=0077
session optional pam_mount.so use_first_pass
session sufficient pam_ldap.so use_first_pass
session optional pam_group.so

#########################################################

Anyone know what I'm doing wrong? LDAP user information is ignored. It would appear that /etc/ldap.conf is not being called at the login prompt for cli as no debug output is displayed. However from within gdm, logged in as root, debug information is displayed for getent passwd|grep username.

Cheers guys,

Chris

Last edited by cbtg2006; 04-21-2006 at 09:29 AM.
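
A hand-written PAM stack like the one posted above can be sanity-checked mechanically before testing logins. The following is an added example, not part of the original post: a small Python linter that flags near-miss option spellings and modules repeated within one stack. The sample input is constructed from the posted auth and account rules, `KNOWN_ARGS` is an assumed list taken from the spellings used elsewhere in the post, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: the auth/account rules of /etc/pam.d/login as posted.
SAMPLE = """\
auth required pam_securetty.so
auth required pam_nologin.so
auth required pam_mount.so
auth optional pam_krb5.so use_first_pass
auth sufficient pam_ldap.so use_first_pass
auth required pam_unix.so use_first_pass
# auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_access.so
account sufficient pam_ldap.so use-first_pass
account required pam_unix.so use_first_pass
account required pam_nologin.so
"""

# Assumption: the option spellings used elsewhere in the posted files are the
# intended ones; this is not a list of what each module actually accepts.
KNOWN_ARGS = {"use_first_pass", "use_authtok", "shadow", "md5"}

def parse_rules(text):
    """Return [(lineno, type, control, module, [args])] for non-comment lines."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # '#' starts a comment
        if len(fields) >= 3:
            rules.append((lineno, fields[0], fields[1], fields[2], fields[3:]))
    return rules

def lint(text):
    """Flag near-miss option spellings and modules repeated within one stack."""
    rules, findings = parse_rules(text), []
    for lineno, _type, _control, module, args in rules:
        for arg in args:
            fixed = re.sub(r"[-_]+", "_", arg)  # normalise '-' and '_' runs
            if arg not in KNOWN_ARGS and fixed in KNOWN_ARGS:
                findings.append((lineno, f"{module}: '{arg}' looks like '{fixed}'"))
    seen = Counter((t, m) for _, t, _, m, _ in rules)
    for (t, m), count in sorted(seen.items()):
        if count > 1:  # lineno 0 marks a stack-level finding
            findings.append((0, f"{m} appears {count} times in the {t} stack"))
    return findings

if __name__ == "__main__":
    for lineno, message in lint(SAMPLE):
        print(f"line {lineno}: {message}" if lineno else message)
```

Line numbers in the findings refer to the sample text, not to the file on disk; the linter only reports inconsistencies in the listing and does not establish which of them, if any, explains the reported behaviour.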
 
  


All times are GMT -5.