User Inactivation don't work in DS 5.2

User Inactivation don't work in DS 5.2

Post by Tommy Fall » Tue, 23 Sep 2003 15:56:12


Hi

Got a solaris 8 client to DS 5.2 where users that are inactivated/locked
still can login.
With this user can login/change password via LDAP. But account
lockout/inactivation does'nt affect them
login auth requisite pam_authtok_get.so.1
login auth required pam_dhkeys.so.1
login auth required pam_dial_auth.so.1
login auth required pam_unix_auth.so.1

The client is patched with 108993-25and other required patches and make use
of ns ldap file version 2.0 and the new pam.conf.
Tried different combinations(listed below) in pam.conf with pam_ldap.so.1,
and always end up with users being able to login without passwd or not at
all.

http://www.yqcomputer.com/

login auth requisite pam_authtok_get.so.1
login auth required pam_dhkeys.so.1
login auth required pam_dial_auth.so.1
login auth sufficient pam_unix_auth.so.1 server_policy
login auth required pam_ldap.so.1

login auth required pam_authtok_get.so.1
login auth required pam_dhkeys.so.1
login auth required pam_dial_auth.so.1
login auth sufficient pam_unix_auth.so.1
login auth required pam_ldap.so.1 try_first_pass

Suggestion in man pam.conf don't work. How is the pam.conf suppose to be
setup?
Or is Directory Server the problem, something missing in its setup?

Tommy Fallsen
 
 
 

1. How to configure DS 5.2 to startup on boot?

2. SCSI Reserve issue with HACMP 5.2 and new DS-8100

At least, I think it's a reserve issue.

I've a new ds-8100 I'm tryinhg to get an HA cluster attached to. I've got
the I/O ports configured, the wwn assignments made, and the switches
zoned.

All the ports in the cluster can find the volumes if I do cfgmgr -l
<adapter>.

So I deleted everything from all but one system and built a dummy vg to
get pvid's assigned. Then did a varyoffvg and ran cfgmgr on one of the
other systems. Got an adapter error for each pv, and no drives.

Did an exportvg on the first system, and now cfgmgr can find the drives
and get the pvid. but varyonvg -L is not working either.

So -- I've missed sommething in the config, presumably on the 8100.

Suggestions?

TIA

Tom
--
NewsGuy.Com 30Gb $9.95 Carry Forward and On Demand Bandwidth

3. Can a Solaris 9 server running DS 5.2 server be its own native LDAP client?

4. DS 5.2 cert7.db

5. [ace-users] [ciao-users] ACE/TAO/CIAO x.5.2 release announcement

6. [tao-users] [ciao-users] ACE/TAO/CIAO x.5.2 release announcement

7. [ace-users] [tao-users] ACE+TAO x.5.2 RPM for Fedora Core

8. [tao-users] [ace-users] ACE+TAO x.5.2 RPM for Fedora Core

9. [ace-users] [tao-users] ACE/TAO/CIAO x.5.2 release announcement

10. IP Config with 2 NICs Wizard dont work, Static dont work!

11. [ciao-users] [ace-users] ACE/TAO/CIAO x.5.2 release announcement

12. [tao-users] [ace-users] ACE/TAO/CIAO x.5.2 release announcement

13. [ciao-users] [tao-users] ACE/TAO/CIAO x.5.2 release announcement

14. Looking for AIX 5.2 binaries, IS anyone running Ruby on AIX 5.2 ??

15. High load after upgrading from 5.2-RC2 to 5.2-Release