Hi, 

We recently upgraded to 8.3.9 (from 8.3.6) because we were having the issue 
described in the fix below. Our postgres user and other domain users with pam 
authentication were getting locked out, in accords with our group domain policy 
10 failed login attemps in 30 minutes. I included some information about our 
environment below.   Sadly, after the upgrade to 8.3.9, we are still 
experiencing this issue. Has any one else reported this issue still exists, 
after the 8.3.9 fix below?

Thanks in advance,

~DjK

 

##

Fix PAM password processing to be more robust (Tom) The previous code is known 
to fail with the combination of the Linux pam_krb5 PAM module with Microsoft 
Active Directory as the domain controller. It might have problems elsewhere 
too, since it was making unjustified assumptions about what arguments the PAM 
stack would pass to it. 

 

##

Linux and AD 

The AD is running at a domain functional level of Windows Server 2003, however 
the schema is updated to Windows Server 2008.

Linux OS: SLES 9 sp4

2.6.5-7.308-smp #1 SMP Mon Dec 10 11:36:40 UTC 2007 x86_64 x86_64 x86_64 
GNU/Linux

 

## PAM -- postgres

auth required pam_unix2.so nullok

account required pam_unix2.so

 

## nsswitch.conf -- 

passwd: compat

group: compat

hosts: files dns

networks: files dns

services: files

protocols: files

rpc: files

ethers: files

netmasks: files

netgroup: files

publickey: files

bootparams: files

automount: files nis

aliases: files

passwd_compat: ldap

group_compat: ldap
                                          
_________________________________________________________________
Hotmail: Trusted email with Microsoft’s powerful SPAM protection.
http://clk.atdmt.com/GBL/go/201469226/direct/01/

Reply via email to