# Standard Un*x authentication.
#@include common-auth
auth [success=2 default=ignore] pam_ldap.so nullok_secure
auth [success=1 default=ignore] pam_ldap.so use_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
# Standard Un*x authorization.
#@include common-account
account [success=2 new_authtok_reqd=done default=ignore] pam_ldap.so
account [success=1 default=ignore] pam_ldap.so
account requisite pam_deny.so
account required pam_permit.so
# Standard Un*x password updating.
#@include common-password
password [success=2 default=ignore] pam_ldap.so obscure sha512
password [success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass
password requisite pam_deny.so
password required pam_permit.so
Partager