| 1 |
On Tuesday 05 September 2006 17:35, Andrew D. Fant wrote: |
| 2 |
> I know that there is an NIS emulation mode for ldap, but is there a more |
| 3 |
> elegant way to have a local password file, where logins are checked first |
| 4 |
> against the directory, and if there is no ldap entry for the user, falling |
| 5 |
> back to the local files? |
| 6 |
|
| 7 |
In /etc/nsswitch.conf, you can have an entry like this : |
| 8 |
|
| 9 |
passwd: ldap files |
| 10 |
shadow: ldap files |
| 11 |
group: ldap files |
| 12 |
|
| 13 |
An for the accounts, in the configuration of PAM, you can have : |
| 14 |
|
| 15 |
auth sufficient pam_ldap.so |
| 16 |
auth sufficient pam_unix.so likeauth nullok use_first_pass |
| 17 |
|
| 18 |
This should do what you want... |
| 19 |
|
| 20 |
I hope it will help you ! |
| 21 |
|
| 22 |
-- |
| 23 |
Nicolas MASSÉ |
| 24 |
Pour récupérer ma clef GPG: |
| 25 |
gpg --keyserver wwwkeys.eu.pgp.net --recv-keys 0x2A18C433 |
| 26 |
Key fingerprint: 6621 FC23 5DC7 54BA B952 316A 50B1 BC3F 2A18 C433 |
Archives