Showing results for 
Search instead for 
Did you mean: 

LDAP-UX + 389-ds

Delcho Tuhchiev
Frequent Advisor

LDAP-UX + 389-ds

I've integration between Fedora 389-DS and LDAP-UX Client B5.01 (which is running on hp-ux 11.23). Allmost everything works perfect till I enable status:rhds:check_rhds_policy in pam_authz.policy. I follow all intrutions in "LDAP-UX Client Services B.05.01 Administrator Guide" but no luck.
I've see that the following message appears in syslog : "sshd[29721]: PAM_AUTHZ: query daemon return failure status 7"

Any Ideas?? Thank in advance!

Valued Contributor

Re: LDAP-UX + 389-ds

I know this thread is old, but I thought I would share my experience so far. I too have not been able to get the check_rhds_policy to work with pam_authz. I setup the proxy user and set the aci's specified in the ldaup 5.01 admin guide. In the end, the only way I could get the password policies to work is by adding filters to pam_authz.policy.




This is about all you need to make sure users cannot login even though the directory shows thes users paswords expired, or account locked/inactive.


I hope this helps someone.

Valued Contributor

Re: LDAP-UX + 389-ds

I need to revise this. I ran into issues. This has worked for me.




I am still trying to figure out how to get the status:rhds:check_rdhs_policy line to work properly.