Hi,
I integrated Scalix in an AD environment. The authentication against AD and SWA works. But with an user only in scalix, not in AD, the auth. doesn't work. Here is my ual.remote:
auth sufficient om_krb5 use_first_pass
auth required pam_deny
account required om_auth
password required om_auth nullok
auth required om_auth nullok
auth sufficient om_krb5
auth required om_admin
auth required om_auth user_first_pass nullok
account required om_auth
password required om_auth nullok
Thanks for help!!!!!!!
Authentication AD and local scalix user
Moderators: ScalixSupport, admin
-
florian
- Scalix
- Posts: 3852
- Joined: Fri Dec 24, 2004 8:16 am
- Location: Frankfurt, Germany
- Contact:
First of all, all lines of a given type, in this case, auth, are taken to be relevant, independent of them being intermixed with other lines.
therefore, what you really need is one block, similar to
auth sufficient om_krb5
auth sufficient om_auth
auth required pam_deny
this will allow either login to succeed or then fail. If using other variations, you might want to read the comments in the ual.remote template and the man om_krb5 manpage, especially with regards to the
user_unknown=ignore
If the user is unknown to Kerberos, tell Scalix PAM to ignore this module.
option.
Florian.
therefore, what you really need is one block, similar to
auth sufficient om_krb5
auth sufficient om_auth
auth required pam_deny
this will allow either login to succeed or then fail. If using other variations, you might want to read the comments in the ual.remote template and the man om_krb5 manpage, especially with regards to the
user_unknown=ignore
If the user is unknown to Kerberos, tell Scalix PAM to ignore this module.
option.
Florian.
Florian von Kurnatowski, Die Harder!
Who is online
Users browsing this forum: No registered users and 3 guests