Cassio, Obrigado!
Funcionou a contento! Vou homologar isso em Red Hat 4 agora... Valeus! On Tue, 2008-10-21 at 09:52 -0200, Cassio Luiz wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Tiago, > > Configure o arquivo /etc/pam.d/system-auth, conforme abaixo que irá > funcionar, tenho dessa forma configurado e funciona bem. > > > #%PAM-1.0 > # This file is auto-generated. > # User changes will be destroyed the next time authconfig is run. > auth required pam_env.so > auth sufficient pam_unix.so nullok try_first_pass > auth sufficient pam_ldap.so use_first_pass > auth requisite pam_succeed_if.so uid >= 500 quiet > auth required pam_deny.so > > account required pam_unix.so > account sufficient pam_succeed_if.so uid < 500 quiet > account sufficient pam_ldap.so > account required pam_permit.so > > password requisite pam_cracklib.so try_first_pass retry=3 > password sufficient pam_unix.so md5 shadow nullok try_first_pass > use_authtok > password sufficient pam_ldap.so use_authtok > password required pam_deny.so > > session sufficient pam_mkhomedir.so skel=/etc/skel/ umask=0022 > session optional pam_keyinit.so revoke > session required pam_limits.so > session [success=1 default=ignore] pam_succeed_if.so service in > crond quiet use_uid > session required pam_unix.so > session optional pam_ldap.so > > Tiago Cruz escreveu: > > Pessoal, > > > > Estou tentando criar um usuário local na máquina para o caso de alguma > > indisponibilidade do server/rede. > > > > Creio que a configuração do PAM está errada, pois quando a máquina não > > tem rede eu não consigo logar com este usuário: > > > > nss_ldap: could not search LDAP server - Server is unavailable > > > > O usuário está na minha nss_initgroups_ignoreusers do /etc/ldap.conf. > > > > Segue o system-auth: > > > > # cat /etc/pam.d/system-auth > > auth required pam_env.so > > auth sufficient pam_unix.so nullok try_first_pass > > auth requisite pam_succeed_if.so uid >= 500 quiet > > auth sufficient pam_ldap.so use_first_pass > > auth required pam_deny.so > > > > account required pam_access.so > > account required pam_unix.so broken_shadow > > account sufficient pam_succeed_if.so uid < 500 quiet > > account [default=bad success=ok user_unknown=ignore] pam_ldap.so > > account required pam_permit.so > > > > password requisite pam_cracklib.so try_first_pass retry=3 > > password sufficient pam_unix.so md5 shadow nullok try_first_pass > > use_authtok > > password sufficient pam_ldap.so use_authtok > > password required pam_deny.so > > > > session optional pam_keyinit.so revoke > > session required pam_limits.so > > > > session [success=1 default=ignore] pam_succeed_if.so service in crond > > quiet use_uid > > session required pam_unix.so > > session optional pam_ldap.so > > session required pam_mkhomedir.so skel=/etc/skel umask=0022 > > > > Obrigado! > > > > > - -- > > Atenciosamente, > > Cássio Luiz > POLITEC (CNPQ/CGINF/COSUI) > E-mail: [EMAIL PROTECTED] > SEPN 507 Bloco B Ed. SEDE CNPq sala 7 (Térreo) - CPD > Fone: (61)2108-9114 Fax: (61)348-9428 > http://www.cnpq.br > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Mandriva - http://enigmail.mozdev.org > > iEYEARECAAYFAkj9woQACgkQk80tOIDcbQJYJwCeMbVWOG9v6QinU82yPE1KUeE8 > uJQAnj25+0rW6IPjfiNplKJVdmnVjrlY > =0k4m > -----END PGP SIGNATURE----- -- Tiago Cruz http://everlinux.com Linux User #282636 --------------------------------------------------------------------------- Esta lista é patrocinada pela Conectiva S.A. Visite http://www.conectiva.com.br Arquivo: http://bazar2.conectiva.com.br/mailman/listinfo/linux-br Regras de utilização da lista: http://linux-br.conectiva.com.br FAQ: http://www.zago.eti.br/menu.html
