[Fedora-directory-users] Ubuntu not enforcing password policies
Nalin Dahyabhai
nalin at redhat.com
Wed Dec 3 17:57:19 UTC 2008
On Tue, Dec 02, 2008 at 11:22:44PM -0500, John A. Sullivan III wrote:
> Seem to have it now. The Ubuntu host did not like the settings copied
> in from Fedora. However, simply reversing the default Ubuntu settings
> so that they are now:
>
> account required pam_unix.so
> account sufficient pam_ldap.so
Please be careful about this. If this is the entire set of "account"
modules, then I think the end-result when pam_ldap.so fails might be
undefined (in particular, the user may be allowed access anyway, even if
pam_ldap.so indicates that the user should not have access, because no
"required" modules have indicated problems).
Cheers,
Nalin
More information about the 389-users
mailing list