On Fri, Apr 12, 2002 at 04:34:30PM -0500, McNutt, Justin M. wrote:
> [User must have local account on server or PAM fails]
> > Kick me if you don't hear back from me on this in a day or so -- I'll
> > take a look at what we have in the pam_krb5 CVS repository
> > and fix it if
> > it isn't alr
[User must have local account on server or PAM fails]
> Kick me if you don't hear back from me on this in a day or so -- I'll
> take a look at what we have in the pam_krb5 CVS repository
> and fix it if
> it isn't already taken care of.
Okay, I just checked again using a fully-patched RedHat
On Wed, Apr 10, 2002 at 08:33:58AM -0500, McNutt, Justin M. wrote:
> > PAM itself doesn't care about local vs. non-local accounts.
> > If you're
> > having trouble with this, you almost certainly have a module
> > in your PAM
> > config which you shouldn't -- such as pam_unix, which by defini
> PAM itself doesn't care about local vs. non-local accounts.
> If you're
> having trouble with this, you almost certainly have a module
> in your PAM
> config which you shouldn't -- such as pam_unix, which by definition
> requires local accounts and will give you a failure for anything else
> "McNutt, Justin M." <[EMAIL PROTECTED]> wrote:
> > So my original question, slightly reworded, is "If PAM is able to
> > authenticate me correctly, which it does, why does FreeRADIUS still
> > return a reject unless there is a local account?" This
> would seem to be
> > a function of what Free
Justin,
On Mon, Apr 08, 2002 at 04:34:39PM -0400, Alan DeKok wrote:
> "McNutt, Justin M." <[EMAIL PROTECTED]> wrote:
> > So my original question, slightly reworded, is "If PAM is able to
> > authenticate me correctly, which it does, why does FreeRADIUS still
> > return a reject unless there is a
"McNutt, Justin M." <[EMAIL PROTECTED]> wrote:
> So my original question, slightly reworded, is "If PAM is able to
> authenticate me correctly, which it does, why does FreeRADIUS still
> return a reject unless there is a local account?" This would seem to be
> a function of what FreeRADIUS reques
"McNutt, Justin M." <[EMAIL PROTECTED]> wrote:
> > PAM does username/password authentication, nothing else.
>
> Not so. PAM can provide several different authorization functions as
> well.
... and for authentication, it does username/password (or
equivalents)
> I figured this one out. Fre
> "McNutt, Justin M." <[EMAIL PROTECTED]> wrote:
> > > PAM does username/password authentication, nothing else.
> >
> > Not so. PAM can provide several different authorization
> functions as
> > well.
>
> ... and for authentication, it does username/password (or
> equivalents)
But RADIUS
> "McNutt, Justin M." <[EMAIL PROTECTED]> wrote:
> > 1) FreeRADIUS refuses to authenticate any user who does
> not have an =
> > account on the local workstation.
>
> That's most likely the fault of PAM, if the user is trying to log
> into the box.
The user is not trying to log into the box.
"McNutt, Justin M." <[EMAIL PROTECTED]> wrote:
> 1) FreeRADIUS refuses to authenticate any user who does not have an =
> account on the local workstation.
That's most likely the fault of PAM, if the user is trying to log
into the box.
PAM does username/password authentication, nothing else.
11 matches
Mail list logo