Categories

JAVA DATEBASE
Technology Network Community
Oracle Database
Fusion Middleware
Development Tools
Java
Desktop
Server & Storage Systems
Enterprise Management
Berkeley DB Family
Cloud Computing
Big Data
Business Intelligence
Architecture
Migration and Modernization
E-Business Suite
Siebel
PeopleSoft Enterprise
JD Edwards World
Industries
JD Edwards EnterpriseOne
User Productivity Kit Pro (UPK) and Tutor
Governance, Risk & Compliance (GRC)
Master Data Management (MDM)
Oracle CRM On Demand
On Demand: SaaS and Managed Applications
AutoVue Enterprise Visualization
Primavera
ATG
Agile PLM
Endeca Experience Management
Fusion Applications
Archived Forums

 



Tags

Solaris 10


pam_ldap with local accounts


Hello,  I would like to provide some users the ability to login to their Solaris account using an LDAP credential.  Naming services would not be in LDAP.  In other words, this could be considered a hybrid of local accounts, files/dns naming services, but adding pam_ldap at the bottom of the authentication stack.  Everything has tested out fine, and there is a sample pam.conf file in the naming service documentation from Sun: login   auth    requisite       pam_authtok_get.so.1 login   auth    required        pam_dhkeys.so.1 login   auth    required        pam_dial_auth.so.1 login   auth    required        pam_unix_cred.so.1 login   auth    sufficient      pam_unix_auth.so.1 login   auth    required        pam_ldap.so.1 ... other   auth    requisite       pam_authtok_get.so.1 other   auth    required        pam_dhkeys.so.1 other   auth    required        pam_unix_cred.so.1 other   auth    sufficient      pam_unix_auth.so.1 other   auth    required        pam_ldap.so.1  In testing, however, what I have found is that accounts locked (passwd -l foousr resulting in LK in /etc/shadow) work as expected.  Login is denied.  No password accounts (passwd -N foousr resulting in NP in /etc/shadow) do not work as I thought they would.  They are still allowed to login if they supply the correct LDAP credential.  Many thanks for any feedback.


Related Links

T2000 -Solaris 10 - Hardware Raid - Hot Spare
Mirroring problems
Allowing non-root access to view disk quotas
Installing companion cd
solaris 10/08 installation problem
partitioning in solaris 10
How to forcibly umount a dircetory which is under VxFS file system control
NFS is not starting because of nlockmgr
Login Problem
kernel/sparcv9/unix
could not bring aggregations up
Disk Slice 2
Automated jumpstart install failed
Environment variable not setting properly
Need help
Solaris 8 | LDAP Server | ERROR MESSAGES