<quote who="Alex Samad">
> Now by reckoning, authentication with check ldap first (via nsswitch.conf)
> and if failing that move on to files and then nisplus. So if an account
> is not in the ldap DB but in the local /etc/passwd files it will use this
> account.
... but you have unix before ldap in all of those lists.
> My only problem now, if the above is true, is that if the LDAP server is
> done, I can not login because the module doesn't exit gracefully, is there a
> way for it to be configured to do that. So that even if the account is in
> the local DB files and ldap is down I can not authenticate!
It will generally go on to the next one, but for a nicer way, use
"try_first_pass" (described in your PAM documentation).
- Jeff
--
We're kind of like Canada, only we hate ourselves more, and it's wetter
around the edges.
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
