Thanks but I already did that. In the syslog, when I add 'debug' at the end of the line auth required pam_radius_auth.so debug I see, after a login attempt with a user not in /etc/passwd:
login[1769]: pam_radius_auth: Got user name testuser login[1769]: pam_radius_auth: Sending RADIUS request code 1 and then a lot of LDAP (slapd) messages, ending with slapd[1593]: conn=37 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= (which is exactly the same message as with a 'valid' user, so I know 100% sure that RADIUS->LDAP is working) and then a line login[1797]: Failed to lookup user 'testuser' So my guess would be that RADIUS->LDAP is OK, but there's something wrong with login->PAM/RADIUS Any hints appreciated Hans > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Gary > McKinney > Sent: donderdag 24 juni 2004 17:11 > To: [EMAIL PROTECTED] > Subject: Re: Another PAM question > > > Hans, > > I think all you have to do is comment out the "unix" line in > the Authentication section of the radiusd.conf file and > restart the radius server. > > > Gary N. McKinney > > Network Administrator > Computer Services Dept. > Brevard County Library System > > > > ---------- Original Message ---------------------------------- > From: "Hans" <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > Date: Thu, 24 Jun 2004 16:57:49 +0200 > > >Hello. > > > >I managed to get my user-logins to authenticate against a > freeradius server, > >which in turn uses an openLdap server. This works now, but > login is still > >using /etc/passwd, because if I delet a user then I get > 'User is unknown to > >underlying authentication module' > > > >I tried to delete the line > >auth requisite pam_unix2.so > >from /etc/pam.d/login, but no such luck. > > > >What I want now, is that the /etc/passwd is not used anymore > for password > >and for home and shell etc, so delete all users from it. > > > >So that ls /home does give me the correct user/group names instead of > >numbers. > > > >What should I do? > > > >Gr, Hans > > > > > >- > >List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > >--- > >[This E-mail scanned for viruses by Declude Ant-Virus Scanner] > > > > > > > > ________________________________________________________________ > Sent via the KillerWebMail system at mail.brev.org > > > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
