Hi,
After some experimentaion, I came up with another pam configuration for
desk top login. This would override the settings "other", as the
application has been marked specifically as "dtlogin".
Seems what you have to do is experiment with the configuration to get
something workable. My system is basic ldap and no kerberos at this
stage.
------------------------------------------------------------------------
-------------------------
dtlogin auth sufficient pam_unix.so.1
dtlogin auth required pam_ldap.so.1 try_first_pass
dtlogin account sufficient pam_unix.so.1
dtlogin account requisite pam_roles.so.1
dtlogin account required pam_projects.so.1
dtlogin account sufficient pam_unix_account.so.1
dtlogin account required pam_ldap.so.1 try_first_pass
dtlogin session sufficient pam_unix_session.so.1
dtlogin session required pam_ldap.so.1 try_first_pass
------------------------------------------------------------------------
-------------------------
cheers
-----Original Message-----
From: fedora-directory-users-bounces(a)redhat.com
[mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Sam
Smith
Sent: 26 May 2006 10:49 PM
To: General discussion list for the Fedora Directory server project.
Subject: Re: [Fedora-directory-users] solaris, dtlogin, and FDS
Susan wrote:
I have this and my dtlogin works fine:
# Default definitions for Authentication management # Used when service
name is not explicitly mentioned for authentication #
other auth requisite pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other auth required pam_unix_cred.so.1
other auth sufficient pam_unix_auth.so.1
other auth required pam_ldap.so.1
#
Susan, I'm pretty sure now that authentication is not the problem - it
seems to authenticate fine and then die. What other lines for "other" do
you have in your pam.conf?
Sam
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--------------------------------------------------------
This e-mail and any attachments are confidential and may also be legally
privileged and/or copyright material of Intec Telecom Systems PLC (or its
affiliated companies). If you are not an intended or authorised recipient
of this e-mail or have received it in error, please delete it immediately
and notify the sender by e-mail. In such a case, reading, reproducing,
printing or further dissemination of this e-mail or its contents is strictly
prohibited and may be unlawful.
Intec Telecom Systems PLC does not represent or warrant that an attachment
hereto is free from computer viruses or other defects. The opinions
expressed in this e-mail and any attachments may be those of the author and
are not necessarily those of Intec Telecom Systems PLC.