From owner-freebsd-questions@FreeBSD.ORG  Thu Jul 10 15:49:05 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 91D4A37B401
	for <freebsd-questions@freebsd.org>;
	Thu, 10 Jul 2003 15:49:05 -0700 (PDT)
Received: from albatross.mail.pas.earthlink.net
	(albatross.mail.pas.earthlink.net [207.217.120.120])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E5BDB43F93
	for <freebsd-questions@freebsd.org>;
	Thu, 10 Jul 2003 15:49:04 -0700 (PDT)
	(envelope-from mbaki@whywire.net)
Received: from user-119apb3.biz.mindspring.com ([66.149.101.99]
	helo=nebula.whywire.net)
	by albatross.mail.pas.earthlink.net with esmtp (Exim 3.33 #1)
	id 19akDm-00062m-00
	for freebsd-questions@freebsd.org; Thu, 10 Jul 2003 15:49:02 -0700
Received: from whywire.net ([10.0.3.67])
	by nebula.whywire.net (8.12.2/8.12.2) with ESMTP id h6AMWlZ0031492
	for <freebsd-questions@freebsd.org>;
	Thu, 10 Jul 2003 18:32:48 -0400 (EDT)
Date: Thu, 10 Jul 2003 18:49:33 -0400
Mime-Version: 1.0 (Apple Message framework v552)
Content-Type: text/plain; charset=US-ASCII; format=flowed
From: Monah Baki <mbaki@whywire.net>
To: freebsd-questions@freebsd.org
Content-Transfer-Encoding: 7bit
Message-Id: <C61A194D-B328-11D7-8CB0-00039313E976@whywire.net>
X-Mailer: Apple Mail (2.552)
Subject: openldap ssh problem
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jul 2003 22:49:05 -0000

Hi all,

I'm just installed freebsd 5.1 running openldap and pam_ldap from 
padl.com.

I created a userid and made sure he had 2 different password in 
/etc/passwd and in the openldap database.

I was able to ssh using the openldap database password when the user 
exist locally (/etc/passwd), but when I deleted his local account, I 
can no longer ssh using the openldap database password.


my /etc/pam.d/ssh file:

auth       sufficient   pam_ldap.so
auth       required     pam_nologin.so
auth       required     pam_unix.so

account    sufficient   pam_ldap.so
account    required     pam_unix.so

session    sufficient   pam_ldap.so
session    required     pam_unix.so

password   sufficient   pam_ldap.so
password   required     pam_unix.so

Am I missing anything????



Thank you.