Technology Network Community
Oracle Database
Fusion Middleware
Development Tools
Server & Storage Systems
Enterprise Management
Berkeley DB Family
Cloud Computing
Big Data
Business Intelligence
Migration and Modernization
E-Business Suite
PeopleSoft Enterprise
JD Edwards World
JD Edwards EnterpriseOne
User Productivity Kit Pro (UPK) and Tutor
Governance, Risk & Compliance (GRC)
Master Data Management (MDM)
Oracle CRM On Demand
On Demand: SaaS and Managed Applications
AutoVue Enterprise Visualization
Agile PLM
Endeca Experience Management
Fusion Applications
Archived Forums



Solaris 10

pam_ldap with local accounts

Hello,  I would like to provide some users the ability to login to their Solaris account using an LDAP credential.  Naming services would not be in LDAP.  In other words, this could be considered a hybrid of local accounts, files/dns naming services, but adding pam_ldap at the bottom of the authentication stack.  Everything has tested out fine, and there is a sample pam.conf file in the naming service documentation from Sun: login   auth    requisite login   auth    required login   auth    required login   auth    required login   auth    sufficient login   auth    required ... other   auth    requisite other   auth    required other   auth    required other   auth    sufficient other   auth    required  In testing, however, what I have found is that accounts locked (passwd -l foousr resulting in LK in /etc/shadow) work as expected.  Login is denied.  No password accounts (passwd -N foousr resulting in NP in /etc/shadow) do not work as I thought they would.  They are still allowed to login if they supply the correct LDAP credential.  Many thanks for any feedback.

Related Links

install solaris via jumpstart with 2 network interfaces
ping via dedicated IP
Setting IPCS values permanently
Increase Inode to 10 million
Multi-label desktops not starting (Solaris 10u9)
Static arp entries in zones
LOFS mount in vfstab fails to mount at boot
SVM - metadb and 4 disks ?
Meld in Solaris 10 Sparc
DHCP Unknown Hostname
Warning: "Sorry, this content not allowed"
Max File size in UFS and ZFS
clientmqueue Folder Consuming more space Disk space
ksslcfg work only with apache?
AD authentication
System Panic after decoupling a firewire storage device