--- password-auth 2012-02-16 13:29:44.414373506 +0200 +++ password-auth 2012-02-16 13:38:29.770944674 +0200 @@ -4,16 +4,19 @@ auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 1000 quiet +auth sufficient pam_ldap.so use_first_pass auth required pam_deny.so account required pam_access.so account required pam_unix.so account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 1000 quiet +account [default=bad success=ok user_unknown=ignore] pam_ldap.so account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 type= password sufficient pam_unix.so sha256 shadow nullok try_first_pass use_authtok +password sufficient pam_ldap.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke @@ -22,3 +25,4 @@ session optional pam_mkhomedir.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so +session optional pam_ldap.so --- system-auth 2012-02-16 13:29:44.414373506 +0200 +++ system-auth 2012-02-16 13:38:29.770944674 +0200 @@ -4,16 +4,19 @@ auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 1000 quiet +auth sufficient pam_ldap.so use_first_pass auth required pam_deny.so account required pam_access.so account required pam_unix.so account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 1000 quiet +account [default=bad success=ok user_unknown=ignore] pam_ldap.so account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 type= password sufficient pam_unix.so sha256 shadow nullok try_first_pass use_authtok +password sufficient pam_ldap.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke @@ -22,3 +25,4 @@ session optional pam_mkhomedir.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so +session optional pam_ldap.so