Hi list,
I have got an OpenLDAP server 2.4.16 and the latest release of nss_ldap
and pam_ldap.
Some of my users are present both in /etc/passwd and shadow and in LDAP.
For some reasons, local passwords and LDAP passwords might not be the
same.
I have found the right pam configuration in order to authenticate the
users without taking into account if they are in LDAP or local users.
But my problem is that even if I use the local password, LDAP is always
checked and it of course generates a failed login.
I am wondering whether it is possible to detect that an account is local
and then bypass the LDAP check.
Here is my configuration for common-auth on Suse.
auth sufficient pam_ldap.so
auth required pam_unix2.so try_first_pass
Thanks and regards
Vince
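
The behaviour described in the post, as an added example that is not part of the original message: a small Python model of the `sufficient` and `required` control flags, run over the posted common-auth ordering and over a hypothetical reversed ordering. The credential stores, `run_stack` and the reversed stack are assumptions made for illustration; the real modules' options (such as try_first_pass) are not modelled.

```python
# Model of PAM "auth" control flags (sufficient / required only).
# Credential stores are constructed sample data, not taken from the post.
LOCAL = {"vince": "local-pw"}   # stands in for /etc/shadow
LDAP = {"vince": "ldap-pw"}     # stands in for the directory

def _checker(store):
    return lambda user, password: store.get(user) == password

# Module names are labels from the post; the checks are simplified stand-ins.
MODULES = {"pam_ldap.so": _checker(LDAP), "pam_unix2.so": _checker(LOCAL)}

# Ordering posted for common-auth.
POSTED_STACK = [("sufficient", "pam_ldap.so"), ("required", "pam_unix2.so")]
# Hypothetical reversed ordering, for comparison only.
REVERSED_STACK = [("sufficient", "pam_unix2.so"), ("required", "pam_ldap.so")]

def run_stack(stack, user, password):
    """Return (authenticated, modules that saw a failed attempt)."""
    failed_required = False
    any_success = False
    failures = []
    for control, module in stack:
        ok = MODULES[module](user, password)
        if not ok:
            failures.append(module)   # this backend records a failed login
        if control == "sufficient":
            # Success ends the stack early unless a required module already
            # failed; failure of a sufficient module is ignored.
            if ok and not failed_required:
                return True, failures
        elif control == "required":
            # Failure is fatal, but later modules still run.
            if ok:
                any_success = True
            else:
                failed_required = True
        else:
            raise ValueError("control flag not modelled: " + control)
    return any_success and not failed_required, failures

if __name__ == "__main__":
    for name, stack in (("posted", POSTED_STACK), ("reversed", REVERSED_STACK)):
        for pw in ("local-pw", "ldap-pw", "wrong"):
            print(name, pw, run_stack(stack, "vince", pw))
```

In this model the posted ordering always sends a local password to the LDAP module first, which is where the failed login comes from; reversing the order moves the spurious failure to the local module whenever the LDAP password is used.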