> On Ter, 2008-02-05 at 13:14 -0600, Bryan Payne wrote:
>
>> I can login fine but there is one quirk that I cannot seem to track
>> down. After entering the ldap password for a user, I receive a message
>> that says "Access denied for this service." It happens via ssh or
>> locally or gdm. But it still lets me login. It only happens for ldap users.
>> Here is my pam.d entries:
>>
>> common-auth:
>> auth sufficient /lib/security/pam_ldap.so debug
>> auth required /lib/security/pam_env.so debug
>> auth required /lib/security/pam_unix2.so debug
>> auth required /lib/security/pam_nologin.so debug
>>
>> common-account:
>> account sufficient /lib/security/pam_ldap.so debug
>> account required /lib/security/pam_unix2.so debug
>>
>
> I'm guessing pam_ldap is probably the one giving that "access denied"
> message, but since it is "sufficient", login is not denied. pam_unix2.so
> would be succeeding, and so the whole section succeeds.
>
>
>> common-password:
>> password sufficient /lib/security/pam_ldap.so debug
>> password required /lib/security/pam_unix2.so nullok use_first_pass
>> debug
>>
>> common-session:
>> session sufficient /lib/security/pam_ldap.so debug
>> session required /lib/security/pam_limits.so debug
>> session required /lib/security/pam_unix2.so debug
>>
>>
>>
>
>
Yes, this solved the problem. Thank you very much.
