Help w/ pam_groups.so

Michael Peek peek at tiem.utk.edu
Wed Feb 17 20:49:05 UTC 2010


Hi guys,

I'm setting up a new Ubuntu network using LDAP for authentication.  I'm 
trying to use pam_group.so and I've run into a problem.  (I've done this 
before several years ago on Debian Sarge, but for some reason the same 
approach on Ubuntu Karmic isn't working.)

I edit /etc/pam.d/common-auth and put:

    auth required pam_group.so use_first_pass

before:

    auth [success=1 default=ignore] pam_ldap.so use_first_pass

And then edit /etc/security/group.conf and put:

    *; *; *; Al0000-2400; fax, voice, cdrom, floppy, audio, dip, video, 
plugdev, users, fuse, saned, vboxusers

But not only does this not work (i.e. SSH'ing in and typing "group" does 
not list me as being in any of these groups), but it also breaks gdm 
logins ("Authentication failure").  No errors are listed in syslog.

I'm at a loss.  Can someone clue me in?

Thanks,

Michael




More information about the ubuntu-users mailing list