Scalix Forums


http://www.scalix.com/forums/

Authentication AD and local scalix user

http://www.scalix.com/forums/viewtopic.php?f=2&t=7250

Page 1 of 1

Authentication AD and local scalix user

Posted: Mon Apr 30, 2007 8:42 am
by rudi
Hi,

I integrated Scalix in an AD environment. The authentication against AD and SWA works. But with an user only in scalix, not in AD, the auth. doesn't work. Here is my ual.remote:

auth sufficient om_krb5 use_first_pass
auth required pam_deny
account required om_auth
password required om_auth nullok
auth required om_auth nullok
auth sufficient om_krb5
auth required om_admin
auth required om_auth user_first_pass nullok
account required om_auth
password required om_auth nullok

Thanks for help!!!!!!!

Posted: Tue May 01, 2007 2:07 am
by florian
First of all, all lines of a given type, in this case, auth, are taken to be relevant, independent of them being intermixed with other lines.

therefore, what you really need is one block, similar to

auth sufficient om_krb5
auth sufficient om_auth
auth required pam_deny

this will allow either login to succeed or then fail. If using other variations, you might want to read the comments in the ual.remote template and the man om_krb5 manpage, especially with regards to the

user_unknown=ignore
If the user is unknown to Kerberos, tell Scalix PAM to ignore this module.

option.

Florian.
All times are UTC-04:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/