I've figured this out on AIX. If anyone googles this later:
the default: stanza needs to have:
system = "compat or KRB5ALXAP or LDAP"
SYSTEM = "KRB5ALXAP or LDAP or compat"
It could probably be done other ways (using PAM,) but this was easiest for now.
On Tue, Aug 7, 2012 at 10:02 AM, KodaK <sako...@gmail.com> wrote:
> I have an unusual situation. Our DBAs want different passwords for
> the oracle account
> on production and development machines. I'm using local
> authentication for oracle
> on all the boxes, but they're also not allowed to log in directly as
> oracle, only su, but
> su always wants to go to ldap first.
> Does anyone know what I need to do to get su to look at local auth
> first, then go to
> Another consideration is that this is AIX. I'm pretty sure if given a
> Linux solution to
> this I could adapt (AIX *can* use PAM, it just doesn't by default.)
> The government is going to read our mail anyway, might as well make it
> tough for them. GPG Public key ID: B6A1A7C6
The government is going to read our mail anyway, might as well make it
tough for them. GPG Public key ID: B6A1A7C6
Freeipa-users mailing list