Date:      Wed, 10 Nov 2004 19:41:09 +0100
From:      <cm@de.clara.net>
To:        "Patrick Okui" <pokui@psg.com>
Cc:        freebsd-stable@freebsd.org
Subject:   Re: Pam Authorization Problem
Message-ID:  <000501c4c754$d8adddf0$45fea8c0@turbofresse>
References:  <2627048885E8BF7F8DCDCFD2@jesk.int.de.clara.net> <200411102021.18553.pokui@psg.com>

> huh? as in a user that more or less does *not* exist on your system can log
> in? do you have any other authentication modules that the system falls to?

Sure, authentication is enabled too, but I want to limit access through
authorization.

Here is my whole pam.d/sshd configuration:
---
# auth
auth            required        pam_nologin.so          no_warn
auth            sufficient      pam_opie.so             no_warn no_fake_prompts
auth            requisite       pam_opieaccess.so       no_warn allow_local
auth            sufficient      /usr/local/lib/pam_ldap.so no_warn try_first_pass
auth            required        pam_unix.so             no_warn try_first_pass
# account
account         required        pam_login_access.so
account         sufficient      /usr/local/lib/pam_ldap.so
account         required        pam_unix.so
# session
session         required        pam_permit.so
# password
password        required        pam_unix.so             no_warn try_first_pass
---

When I log in to the system I get the message:
---
You must be a uniqueMember of cn=klever,ou=hosts,dc=xxx,dc=xxx,dc=xxx to login.
---
But exactly this is not true, then why can I log in?
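
The following is an added example, not part of the original message: a simplified Python model of how PAM evaluates the `required`, `requisite` and `sufficient` control flags, run over the account chain posted above. The per-module outcomes and the `required` variant are assumptions made for illustration.

```python
# Added illustration: simplified model of PAM chain evaluation for the
# required / requisite / sufficient control flags. Module outcomes are assumed.
SUCCESS, FAILURE = "success", "failure"

def run_chain(chain, outcomes):
    """Evaluate (flag, module) entries; return (verdict, trace).
    Chains in which no module succeeds differ between PAM implementations
    and are not modelled here."""
    failed = False          # set once a required/requisite module has failed
    trace = []
    for flag, module in chain:
        if flag not in ("required", "requisite", "sufficient"):
            raise ValueError(f"control flag not modelled: {flag}")
        result = outcomes[module]
        trace.append((module, flag, result))
        if result == SUCCESS:
            # A successful 'sufficient' module ends the chain early,
            # unless an earlier required module already failed.
            if flag == "sufficient" and not failed:
                break
            continue
        if flag in ("required", "requisite"):
            failed = True
        if flag == "requisite":
            break           # a requisite failure stops the chain at once
        # A failed 'sufficient' module does not by itself fail the chain.
    return (FAILURE if failed else SUCCESS), trace

# The account chain from the message above.
ACCOUNT_AS_POSTED = [
    ("required", "pam_login_access.so"),
    ("sufficient", "/usr/local/lib/pam_ldap.so"),
    ("required", "pam_unix.so"),
]
# Hypothetical variant for comparison: every module, pam_ldap included, 'required'.
ACCOUNT_LDAP_REQUIRED = [("required", module) for _, module in ACCOUNT_AS_POSTED]

# Assumed outcomes (constructed): pam_ldap denies, as the uniqueMember message
# suggests, while the other two account modules accept the user.
OUTCOMES = {
    "pam_login_access.so": SUCCESS,
    "/usr/local/lib/pam_ldap.so": FAILURE,
    "pam_unix.so": SUCCESS,
}

if __name__ == "__main__":
    for name, chain in (("as posted", ACCOUNT_AS_POSTED),
                        ("pam_ldap required", ACCOUNT_LDAP_REQUIRED)):
        print(name, "->", run_chain(chain, OUTCOMES)[0])
```

Under these assumptions the chain as posted ends in success even though pam_ldap denies the user, while the variant with pam_ldap marked `required` ends in failure.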
