On Wed, 2011-06-08 at 16:35 -0700, Steve Langasek wrote:
> That's only an issue if LDAP provides a password entry with 'x' for the
> password field (which denotes a shadow account), *and* does not provide
> shadow information. That's a misconfigured nss_ldap, nothing more.
Thanks for pointing tha
On Wed, Jun 08, 2011 at 09:39:06PM +0200, Arthur de Jong wrote:
> On Wed, 2011-06-08 at 09:27 -0700, Steve Langasek wrote:
> > That's not the model in use. What you're saying is that you want the
> > pam_ldap authorization checks to always be enforced; that's an 'Additional'
> > profile, regardles
On Wed, 2011-06-08 at 09:27 -0700, Steve Langasek wrote:
> That's not the model in use. What you're saying is that you want the
> pam_ldap authorization checks to always be enforced; that's an 'Additional'
> profile, regardless of what other profiles are enabled.
It's not uncommon to not provide
On Wed, Jun 08, 2011 at 12:29:45PM +0200, Luca Capello wrote:
> > While I'm still weighing whether to change pam_unix for bug #583492, it is
> > definitely the case that pam_ldap's authorization checks should be
> > 'Additional' and not 'Primary' because, as seen here, they are intended to
> > alwa
Hi Steve!
On Wed, 08 Jun 2011 09:14:08 +0200, Steve Langasek wrote:
> On Sun, Jan 23, 2011 at 08:17:03PM +0100, Luca Capello wrote:
>> On sid, however, while I was quite happy than I had nothing to touch to
>> have LDAP authentication working automatically by default, the
>> libpam-ldap's pam_chec
5 matches
Mail list logo