Hi,
We recently upgraded to 8.3.9 (from 8.3.6) because we were having the issue
described in the fix below. Our postgres user and other domain users with pam
authentication were getting locked out, in accords with our group domain policy
10 failed login attemps in 30 minutes. I included some information about our
environment below. Sadly, after the upgrade to 8.3.9, we are still
experiencing this issue. Has any one else reported this issue still exists,
after the 8.3.9 fix below?
Thanks in advance,
~DjK
##
Fix PAM password processing to be more robust (Tom) The previous code is known
to fail with the combination of the Linux pam_krb5 PAM module with Microsoft
Active Directory as the domain controller. It might have problems elsewhere
too, since it was making unjustified assumptions about what arguments the PAM
stack would pass to it.
##
Linux and AD
The AD is running at a domain functional level of Windows Server 2003, however
the schema is updated to Windows Server 2008.
Linux OS: SLES 9 sp4
2.6.5-7.308-smp #1 SMP Mon Dec 10 11:36:40 UTC 2007 x86_64 x86_64 x86_64
GNU/Linux
## PAM -- postgres
auth required pam_unix2.so nullok
account required pam_unix2.so
## nsswitch.conf --
passwd: compat
group: compat
hosts: files dns
networks: files dns
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files
bootparams: files
automount: files nis
aliases: files
passwd_compat: ldap
group_compat: ldap
_________________________________________________________________
Hotmail: Trusted email with Microsoft’s powerful SPAM protection.
http://clk.atdmt.com/GBL/go/201469226/direct/01/
