Hi, Here¹s how my PAM PTA looks like. But id on;t think it is of much use.
dn: cn=PAM Pass Through Auth,cn=plugins,cn=config nsslapd-pluginEnabled: on pamSecure: FALSE pamExcludeSuffix: o=NetscapeRoot pamExcludeSuffix: cn=config I don¹t think the PTA will work against some other attribute which has same value as uid¹. You may have to hack the filters under the hood to be able to achieve that. My first guess: If you use PAM-PTA, you still need some PAM module to specify the stack to be used for PTA. So you need ldapserver01¹ file enabled and there you define the translation of uid attribute to new attribute. I don¹t know if this is do-able. Can you post some logs, which will tell where the block is. How are you specifying the master ldap server(server to authenticate)? -Prashanth ---------------------------- Hey thanks man. I have PAM PTA with krb working fine as well.. However..I am trying to pass through to another LDAP server, how can i go about doing that? The base of the tree on the other LDAP server is different i want to use it to authenticate the accounts. The other tree has the equivalent of the uid attribute in a different attribute. I think my service file (ldapserver) is off. Anyone have PAM PTA to another LDAP server working? An example perhaps? I am getting operations errors trying to use PAM PTA. I know the passwords are correct so I am doing something incorrectly. pam_passthru-plugin - => pam_passthru_bindpreop pam_passthru-plugin - pam msg [0] = 1 Password: pam_passthru-plugin - Error from PAM during pam_authenticate (6: Permission denied) pam_passthru-plugin - Unknown PAM error [Permission denied] for user id [test_user], bind DN [uid=test_user,dc=example,dc=com] pam_passthru-plugin - <= handled (error 1 - Operations error) Thanks again
-- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
