Thanks for the help. I seem to have it working satisfactorily now.
At 11:47 26/04/2001, you wrote:
>Simon Bryan wrote:
> >
> > Just checking, you are saying I should actually create a password,
>
>Yes
>
> > just
> > make it random
>
>Yes
>
> > (the script will do this for me),
>
>The examples I gave you are really badly unrandom easily guessable
>passwords. I suggest you do something more clever. man -k random on
>your system might give you ideas.
>
> > then ensure in my pam
> > module that it checks the NT server first, then these passwords will be
> > irrelevant anyway?
>
>Yup.
>
>Here is what I use in /etc/pam.d/login:
>
>#%PAM-1.0
>auth required /lib/security/pam_securetty.so
>auth required /lib/security/pam_nologin.so
>auth sufficient /lib/security/pam_ldap.so
>auth required /lib/security/pam_pwdb.so shadow nullok
>account sufficient /lib/security/pam_ldap.so
>account required /lib/security/pam_pwdb.so
>password required /lib/security/pam_cracklib.so
>password required /lib/security/pam_ldap.so
>password required /lib/security/pam_pwdb.so nullok use_authtok md5
>shadow
>session required /lib/security/pam_pwdb.so
>session optional /lib/security/pam_console.so
>
>Del
Simon Bryan
____________________________________
IT Manager
OLMC Parramatta
http://www.olmc.nsw.edu.au
____________________________________
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
