[Security-discuss] Kerberos PAM Help

2006-06-30 Thread Darren J Moffat
Erich Weiler wrote: > Hi All- > > I'm hoping some of you Sun Kerberos gurus can tell me if my problem can be > resolved... Basically I have my test Solaris 10 system set up to > authenticate, via PAM, in 3 ways. > > First it checks if you have a local account and then lets you in if so. > > S

[Security-discuss] Kerberos PAM Help

2006-06-30 Thread Henry B. Hotz
So in your case the ldap users (everyone?) *expect* to have to enter two passwords. I was assuming that the ldap and kerberos users were disjoint. I think it's the use_first_pass, rather than the binding that's killing you. If the optional doesn't turn off the warning then there's no pam

[Security-discuss] Kerberos PAM Help

2006-06-30 Thread Will Fiveash
On Fri, Jun 30, 2006 at 06:32:08PM +0100, Darren Moffat wrote: > Erich Weiler wrote: > >Hi All- > > > >I'm hoping some of you Sun Kerberos gurus can tell me if my problem can be > >resolved... Basically I have my test Solaris 10 system set up to > >authenticate, via PAM, in 3 ways. > > > >First i

[Security-discuss] Kerberos PAM Help

2006-06-30 Thread Erich Weiler
Hi Henry, Alas, it doesn't work. I think what the "binding" line does is choke the chain, because it doesn't accept my krb5 password. LDAP works though, but still gives the "Kerberos Authentication Failed" message. I do need the kerberos module 2nd in the chain, because some folks have kerbe

[Security-discuss] Kerberos PAM Help

2006-06-30 Thread Henry B. Hotz
On Jun 30, 2006, at 8:46 AM, Erich Weiler wrote: > # Default definitions for Authentication management > # Used when service name is not explicitly mentioned for > authentication > # > other auth requisite pam_authtok_get.so.1 > other auth required pam_unix_cred.so.1 > other auth sufficient pam

[Security-discuss] Kerberos PAM Help

2006-06-30 Thread Erich Weiler
I'm no C or Java programmer, but it looks like it's not a big deal to fix this... ? Would you happen to know someone who has fixed it, or who might be able to do some minor coding on it to make it work? I'm just grasping at straws here because this issue is fairly important to our operation...

[Security-discuss] Kerberos PAM Help

2006-06-30 Thread Gary Winiger
> That is caused by this bit of code: > > http://cvs.opensolaris.org/source/xref/on/usr/src/lib/pam_modules/krb5/krb5_authenticate.c#286 > > That looks like a bug to me. There is a module option 'nowarn

[Security-discuss] Kerberos PAM Help

2006-06-30 Thread Erich Weiler
Hi All- I'm hoping some of you Sun Kerberos gurus can tell me if my problem can be resolved... Basically I have my test Solaris 10 system set up to authenticate, via PAM, in 3 ways. First it checks if you have a local account and then lets you in if so. Second it checks to see if you have a K

[Security-discuss] New file privilege names and descriptions for my tmpfs prototype

2006-06-30 Thread Nicolai Johannes
My checking algorithm had a slight problem with step 0, a correct (and faster) version follows: I Assume that a file should be accessed with access mode initial_access II At first identity_access, ordinary_access and general_access are empty sets. 0. Check initial_access for execute/read/write p

[Security-discuss] New file privilege names and descriptions for my tmpfs prototype

2006-06-30 Thread Nicolai Johannes
As announced, I am working on a prototype that demonstrates the new privileges restricting file access. After having read the discussion threads again and again, I have merged all suggestions and created the following seven privileges: basic privilege PRIV_FILE_NONANONYMOUS_READ Withou