[tac_plus] Authentication using Likewise and AD
heasley
heas at shrubbery.net
Tue Mar 31 14:25:19 UTC 2015
Tue, Mar 31, 2015 at 01:29:12PM +0000, Matt Almgren:
> I’ve been over that guide several times. When I use the entire library stack as shown in that guide, I get errors that some modules aren’t found – I assumed it’s a RHEL vs Ubuntu difference. I can try and track down the missing modules…but I don’t want it to conflict the rest of the PAM auth system.
>
> Thanks, Matt
Looking at debian and redhat, both have numerous optional packages containing
additional modules. you may need some of these, but certainly you must be
missing those files or they're not in the right location
(/lib/x86_64-linux-gnu/security/ on debian, but can be a FQPN).
That said, it seems that both are missing manpages - surprise. On Solaris
or BSD, there is a debugging option. If you can figure out if linux has
one - and what it is; that may help you unravel the PAM chaining. You may
also look at the fbsd manpages for more thorough information, which may or
may not be applicable to linux.
eg: from fbsd:
MODULE OPTIONS
Some PAM library functions may alter their behavior when called by a ser‐
vice module if certain module options were specified, regardless of
whether the module itself accords them any importance. One such option
is debug, which causes the dispatcher to enable debugging messages before
calling each service function, and disable them afterwards (unless they
were already enabled). Other special options include:
...
You may also wish to begin with a simple pam config which authenticates
against /etc/passwd (or none) and build upon that, piece by piece.
Lastly, you mentioned errors but did not include them in your email, so we
are just guessing. and, unless I've missed it, you also haven't shared your
pam conf for tac_plus.
More information about the tac_plus
mailing list