LDAP user authentication

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I have recently switched a samba server (Debian Etch) to authenticate
the users with a ldap directory. It works fine, however the system is
also trying to authenticate the root user and other local users with the
directory. When the ldap server is down, or if there is no root user in
the ldap directory the authentication fails and I can't log in (ssh, su,

I want the server to query the /etc/password file first, and then to
fall back on the ldap server (and thus ignoring a root user from the
directory). How do I achieve that?

My config files:

# /etc/nsswitch.conf
passwd: compat ldap
shadow: compat ldap
group:  compat ldap

# /etc/pam.d/common-auth
auth    required        pam_unix.so nullok_secure
auth    sufficient      pam_ldap.so use_first_pass
auth    required        pam_deny.so

# /etc/pam.d/common-session
session required        pam_unix.so
session optional        pam_ldap.so

# /etc/pam.d/common-password
password required    pam_unix.so nullok obscure min=4 max=8 md5
password sufficient     pam_ldap.so use_authtok
password required       pam_deny.so

# /etc/pam.d/common-account
account required        pam_unix.so
account sufficient      pam_ldap.so

Beste Gre

Re: LDAP user authentication

Maros Kollar wrote:
Quoted text here. Click to load it

"files ldap" not "compat ldap"

Site Timeline