10-18-2011
Indeed, although that would arguably be riskier and probably more complex than setting up a directory server somewhere and configure ldap authentication.
Instead of modifying the OS code, I would suggest an interposition library that would "patch" the perform_passwd_aging_check function to expire specific user's password earlier or maybe a well crafted dtrace script to do the same.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I work on some hp ux 11.00 Servers. i have to add an user. i use the useradd command like follows: useradd -u 72022 -g 71095 -c " comment " -d /PACKAGE_NAME/home/username -s /usr/bin/sh username
The command returns with error 3. The manpage means value number 3: Invalid argument supplied to an... (6 Replies)
Discussion started by: ortsvorsteher
6 Replies
2. UNIX for Advanced & Expert Users
Hi.
due to some needs i gave a user the premission to use useradd command with sudo.
i want to know if there is a way to let him set the initial password, without giving him the premission to use passwd command as root (sudo).
maybe a way to set a default password for all the new users that... (2 Replies)
Discussion started by: dorilevy
2 Replies
3. Solaris
Hi,
I need to add a new user who will only be able to access one single folder on my Solaris 9 system. Can this be achieved by using just useradd or do i need to fiddle with auth_attr table?
TIA,
Selma (4 Replies)
Discussion started by: Selma
4 Replies
4. Shell Programming and Scripting
Gurus,
I need to add a user to all the machines. I need a script to do this. I did one but it does not allow me to su to root within a ssh session i open. It exists saying su: Sorry. Please let me know how i can do it. I do not have the freedom of using sudo either.
Regards (4 Replies)
Discussion started by: earlysame55
4 Replies
5. UNIX for Advanced & Expert Users
Hi Experts,
when using useradd command, what are the necessary options/arguments to be included?
Please advice. (4 Replies)
Discussion started by: etcpasswd
4 Replies
6. Solaris
O/S: Solaris 9
Architecture: SPARC
The man page for useradd states, "The new login remains locked until the passwd(1) command is executed."
This is a problem for me when accessing remotely via SSH and creating a new account from the console with useradd. As soon as I try to login into the... (3 Replies)
Discussion started by: tuxsun1
3 Replies
7. Solaris
if useradd command is deleted in solaris how do we add user (3 Replies)
Discussion started by: vivek_ng
3 Replies
8. UNIX for Advanced & Expert Users
Good day all.
I'm trying to add a user with useradd and the -p option to assign a project name, but the result is that the user is created with an error message: "UX: useradd: user.root name should be all lower case or numeric."
The command:
useradd -d /export/home/tester -g rtpgrp -G... (2 Replies)
Discussion started by: BRH
2 Replies
9. Solaris
i added a default user by command
useradd shekhar
it took user's default directory as /home/shekhar
now when i am going inside /home and giving this command
cd /home
ls-ld
it is not showing any directory named shekhar? why so?
thanx
shekhar (3 Replies)
Discussion started by: shekhar_4_u
3 Replies
10. Solaris
I want to creat a 27 logins in solaris.Can anyone tell me how to write a script for that so that i create at a time for all 27 people.
Thanks to guide me. (6 Replies)
Discussion started by: kkalyan
6 Replies
LEARN ABOUT XFREE86
pam_ldap
pam_ldap(8) System Manager's Manual pam_ldap(8)
NAME
pam_ldap - PAM module for LDAP-based authentication
SYNOPSIS
pam_ldap.so [...]
DESCRIPTION
This is a PAM module that uses an LDAP server to verify user access rights and credentials.
OPTIONS
use_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and not prompt the user for a pass-
word.
try_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and if that fails prompt the user
for a password.
nullok Specifying this option allows users to log in with a blank password. Normally logins without a password are denied.
ignore_unknown_user
Specifies that the PAM module should return PAM_IGNORE for users that are not present in the LDAP directory. This causes the PAM
framework to ignore this module.
ignore_authinfo_unavail
Specifies that the PAM module should return PAM_IGNORE if it cannot contact the LDAP server. This causes the PAM framework to ig-
nore this module.
no_warn
Specifies that warning messages should not be propagated to the PAM application.
use_authtok
This causes the PAM module to use the earlier provided password when changing the password. The module will not prompt the user for
a new password (it is analogous to use_first_pass).
debug This option causes the PAM module to log debugging information to syslog(3).
minimum_uid=UID
This option causes the PAM module to ignore the user if the user id is lower than the specified value. This can be used to bypass
LDAP checks for system users (e.g. by setting it to 1000).
MODULE SERVICES PROVIDED
All services are provided by this module but currently sessions changes are not implemented in the nslcd daemon.
FILES
/etc/pam.conf
the main PAM configuration file
/etc/nslcd.conf
The configuration file for the nslcd daemon (see nslcd.conf(5))
SEE ALSO
pam.conf(5), nslcd(8), nslcd.conf(5)
AUTHOR
This manual was written by Arthur de Jong <arthur@arthurdejong.org>.
Version 0.8.10 Jun 2012 pam_ldap(8)