1 |
On Tuesday 05 September 2006 17:35, Andrew D. Fant wrote: |
2 |
> I know that there is an NIS emulation mode for ldap, but is there a more |
3 |
> elegant way to have a local password file, where logins are checked first |
4 |
> against the directory, and if there is no ldap entry for the user, falling |
5 |
> back to the local files? |
6 |
|
7 |
In /etc/nsswitch.conf, you can have an entry like this : |
8 |
|
9 |
passwd: ldap files |
10 |
shadow: ldap files |
11 |
group: ldap files |
12 |
|
13 |
An for the accounts, in the configuration of PAM, you can have : |
14 |
|
15 |
auth sufficient pam_ldap.so |
16 |
auth sufficient pam_unix.so likeauth nullok use_first_pass |
17 |
|
18 |
This should do what you want... |
19 |
|
20 |
I hope it will help you ! |
21 |
|
22 |
-- |
23 |
Nicolas MASSÉ |
24 |
Pour récupérer ma clef GPG: |
25 |
gpg --keyserver wwwkeys.eu.pgp.net --recv-keys 0x2A18C433 |
26 |
Key fingerprint: 6621 FC23 5DC7 54BA B952 316A 50B1 BC3F 2A18 C433 |