
Re: Pam, ldap and logging in

by Andreas Hasenack



On Tue, 2008-02-05 at 13:14 -0600, Bryan Payne wrote:

> I can login fine but there is one quirk that I cannot seem to track
> down. After entering the ldap password for a user, I receive a message
> that says "Access denied for this service." It happens via ssh or
> locally or gdm. But it still lets me login. It only happens for ldap users.
> Here are my pam.d entries:
>
> common-auth:
> auth    sufficient      /lib/security/pam_ldap.so debug
> auth    required        /lib/security/pam_env.so debug
> auth    required        /lib/security/pam_unix2.so debug
> auth     required       /lib/security/pam_nologin.so debug
>
> common-account:
> account sufficient      /lib/security/pam_ldap.so debug
> account required        /lib/security/pam_unix2.so debug

I'm guessing pam_ldap is probably the one giving that "access denied"
message, but since it is "sufficient", login is not denied. pam_unix2.so
would be succeeding, and so the whole section succeeds.

>
> common-password:
> password sufficient     /lib/security/pam_ldap.so debug
> password required       /lib/security/pam_unix2.so nullok use_first_pass debug
>
> common-session:
> session sufficient      /lib/security/pam_ldap.so debug
> session required        /lib/security/pam_limits.so debug
> session required        /lib/security/pam_unix2.so debug
>
>
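
The following is an added example, not part of the original thread: a simplified model of the classic Linux-PAM control flags, run over the quoted common-account stack, showing why a failing "sufficient" module does not deny the login while the same failure under "required" would. The module outcomes passed in are assumptions taken from the guess in the reply, not observed behaviour of pam_ldap or pam_unix2.

```python
# Simplified model of the classic Linux-PAM control flags (added example).
# Module outcomes are constructed inputs, not observed module behaviour.

ACCOUNT_STACK = """\
account sufficient      /lib/security/pam_ldap.so debug
account required        /lib/security/pam_unix2.so debug
"""  # common-account as quoted in the message

def parse_stack(text):
    """Turn pam.d lines into (control, module_name) pairs."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3:
            entries.append((fields[1], fields[2].rsplit("/", 1)[-1]))
    return entries

def evaluate(entries, outcomes):
    """Return (granted, modules_called); outcomes maps module name -> bool."""
    failed = False     # a required/requisite module has failed
    succeeded = False  # some module has contributed a success
    called = []
    for control, module in entries:
        ok = outcomes[module]
        called.append(module)
        if control == "sufficient":
            if ok and not failed:
                return True, called   # stop here, later modules never run
            # failure of a sufficient module is ignored
        elif control == "requisite":
            if not ok:
                return False, called  # stop here with a failure
            succeeded = True
        elif control == "required":
            succeeded, failed = succeeded or ok, failed or not ok
        elif control == "optional":
            succeeded = succeeded or ok
        else:
            raise ValueError(f"unsupported control flag: {control}")
    return succeeded and not failed, called

if __name__ == "__main__":
    stack = parse_stack(ACCOUNT_STACK)
    # Assumed outcome from the reply's guess: pam_ldap denies, pam_unix2 accepts.
    print(evaluate(stack, {"pam_ldap.so": False, "pam_unix2.so": True}))
    # Same outcomes with pam_ldap marked "required": the denial now counts.
    strict = parse_stack(ACCOUNT_STACK.replace("sufficient", "required"))
    print(evaluate(strict, {"pam_ldap.so": False, "pam_unix2.so": True}))
    # If pam_ldap accepts, pam_unix2 is never consulted.
    print(evaluate(stack, {"pam_ldap.so": True, "pam_unix2.so": False}))
```

The third case is the one to watch when auditing such a stack: with "sufficient" first, an accepting pam_ldap short-circuits every module listed after it.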
