SLUG Mailing List Archives
Re: [SLUG] Fwd: pam_smb question
- To: Del <del@xxxxxxxxxxxx>
- Subject: Re: [SLUG] Fwd: pam_smb question
- From: Luke McKee <luke@xxxxxxxxxxxxx>
- Date: Mon May 28 13:14:09 2001
- Cc: slug@xxxxxxxxxxx
- Organization: Webpay
> Luke McKee wrote:
> > does PAM rely on an account being able to be looked up through a NSS above
> > all things?
> It does, if you tell it to, depending on the module.
> For example, the account parts of the pam_permit and pam_deny modules
> don't care about whether an account is in NSS or not.
> Most of the other modules will look for an account in NSS.
> It depends on the structure of the "account" section of the pam file
> for whatever application you are using.
I've already tried having only require statements with pam_permit and
pam_smb_auth in the pam conf file for the process I need to check
authentication against NT.
It doesn't read the this conf file unless the user is in NSS.
Is there some compile time option that enables pam to enforce that an account
must be found in NSS?
I need to turn it off right. Does anyone know where it is?
I am running Linux-PAM-0.75.