projects / matthijs / servers / drsnuggles.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
pam: Use LDAP for authentication.
[matthijs/servers/drsnuggles.git] / etc / pam.d / common-auth
diff --git a/etc/pam.d/common-auth b/etc/pam.d/common-auth
index 63d129aac9f8a62881d6413fe1b90f43b5423af8..aa0742c2ed46b783663b8dcfb86173f7fcbe08d1 100644 (file)
--- a/etc/pam.d/common-auth
+++ b/etc/pam.d/common-auth
@@ -7,4 +7,12 @@
 # (e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
 # traditional Unix authentication mechanisms.
 #
-auth   required        pam_unix.so nullok_secure
+#
+# Default was:
+# auth required        pam_unix.so nullok_secure
+#
+# LDAP config copied from http://wiki.debian.org/LDAP/PAM
+auth    sufficient      pam_unix.so nullok_secure
+auth    requisite       pam_succeed_if.so uid >= 1000 quiet
+auth    sufficient      pam_ldap.so use_first_pass
+auth    required        pam_deny.so
Configuration files for drsnuggles.stderr.nl