Re: AW: pam_ldap read not auth on userPassword

> sounds like you are not using pam_ldap at all, though you contact the pamldap-list.
> nss_ldap is retrieving data from LDAP and some pam-module, like pam_unix is validating passwords against that data.
> Install and configure pam_ldap instead, then you'll see the desired behaviour.
> If you already installed pam_ldap, I suppose your pam-config validates passwords with some other module first and does not bother invoke pam_ldap.
Sigh- I had two major typos in my system-auth file and a couple of other
bits I never would have found until you mentioned I probably wasn't using
pam_ldap at all. I'm going to fix these and test the results but I'm
nearly certain that was the problem. I spent 2 hours checking the files
and managed to miss these issues several times. I managed to comment out
ldap in nsswitch.conf on the wrong server- then couldn't figure out how it
could still be authing...

Thanks,
-Don