projects / matthijs / servers / drsnuggles.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
pam: Use LDAP for authentication.
[matthijs/servers/drsnuggles.git] / etc / pam.d / common-account
diff --git a/etc/pam.d/common-account b/etc/pam.d/common-account
index 6798301962a745e7d5a8ea9b2f9d26b172eb3cbd..c2e28cb63cfba5a05ecd5a4ac3d131dea167b1b9 100644 (file)
--- a/etc/pam.d/common-account
+++ b/etc/pam.d/common-account
@@ -6,4 +6,12 @@
 # the central access policy for use on the system.  The default is to
 # only deny service to users whose accounts are expired in /etc/shadow.
 #
-account        required        pam_unix.so
+# Default was:
+#account       required        pam_unix.so
+#
+# LDAP config copied from http://wiki.debian.org/LDAP/PAM
+account     required      pam_unix.so
+account     sufficient    pam_succeed_if.so uid < 1000 quiet
+account     [default=bad success=ok user_unknown=ignore] pam_ldap.so
+account     required      pam_permit.so
+
Configuration files for drsnuggles.stderr.nl