HPE Community
Operating System - HP-UX
1834136 Members
2184 Online
110064 Solutions
New Discussion

Trusted Mode PAM and NSS

 
Kyle Robinson_1
New Member

‎11-04-2003 10:56 AM

‎11-04-2003 10:56 AM

Trusted Mode PAM and NSS

Does anyone know if it's possible to login with a third party PAM module (for instance, a LDAP module) in Trusted Mode using the standard login/ftpd etc? According to the PAM stack the users _are_ getting authenticated but then login is exiting. I'm assuming this has something to do with not being able to retrieve a Audit ID because of the error message FTP returns and the truss results of login. We've tried returning fake pw_audid from our NSS module but have had no luck. Any ideas? How does NIS+ deal with this?
0 Kudos
Reply
2 REPLIES 2
Steven E. Protter
Exalted Contributor

‎11-04-2003 11:51 AM

‎11-04-2003 11:51 AM

Re: Trusted Mode PAM and NSS

If you post your exact error message, this can be resolved. I've seen similar errors and there are itrc posts solving it.

You could cut and paste your error into the itrc search engine and find the answer yourself doing an exact phrase search.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Kyle Robinson_1
New Member

‎11-05-2003 04:20 AM

‎11-05-2003 04:20 AM

Re: Trusted Mode PAM and NSS

FTP session closed

Networking service = ftp
Request outcome = failure
Validation tool = passwd
Service event = unspecified
Remote system = 127.0.0.1
Remote user = unspecified
Local system = 127.0.0.1
Local user = 1001
Login disallowed - setaudid(-1): Invalid argument User = u1-x

This user is a not a pam_unix user but can authenticate and login using our pam module in non-trusted mode. In trusted mode the user is authenticated according to the logs but login by either login or ftpd are denied with the above error message.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.