Help w/ pam_groups.so
Michael Peek
peek at tiem.utk.edu
Wed Feb 17 22:07:46 UTC 2010
[SOLVED]
Place the line containing pam_group.so at the end of
/etc/pam.d/common-auth, not before the line containing pam_ldap.so.
Michael Peek wrote:
> Hi guys,
>
> I'm setting up a new Ubuntu network using LDAP for authentication.
> I'm trying to use pam_group.so and I've run into a problem. (I've
> done this before several years ago on Debian Sarge, but for some
> reason the same approach on Ubuntu Karmic isn't working.)
>
> I edit /etc/pam.d/common-auth and put:
>
> auth required pam_group.so use_first_pass
>
> before:
>
> auth [success=1 default=ignore] pam_ldap.so use_first_pass
>
> And then edit /etc/security/group.conf and put:
>
> *; *; *; Al0000-2400; fax, voice, cdrom, floppy, audio, dip, video,
> plugdev, users, fuse, saned, vboxusers
>
> But not only does this not work (i.e. SSH'ing in and typing "group"
> does not list me as being in any of these groups), but it also breaks
> gdm logins ("Authentication failure"). No errors are listed in syslog.
>
> I'm at a loss. Can someone clue me in?
>
> Thanks,
>
> Michael
More information about the ubuntu-users
mailing list