[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pam-list
Subject:    authentication for only local users only
From:       Rupesh <thakkar_rupesh () yahoo ! com>
Date:       2008-04-10 15:38:16
Message-ID: 428522.41885.qm () web94707 ! mail ! in2 ! yahoo ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


                      I have linux server which is joined to AD Domain.

One of domain user has (test/dompasswd) same name as local user on machine \
(test/localpasswd) but has different password.

My application calls pam_authenticate() API(Linux-PAM-0.99.3.0).

A)When I call pam_authenticate() for user string  <DOMAIN_NAME>\test it succeeds with \
only domain password (dompasswd ) and fails with localpasswd.(this is expected).

B)When I call pam_authenticate() for userstring without Domain name "test" it return \
SUCCESS with both the passwords( local passwd and domain password).

for B) my appilcation is not able to identify whether user test is authenticated \
against local user or domain user.  In some specific scenario where I want user to be \
authenticated only against local  database and not against Domain database.

Can I use any other PAM API instead of pam_authenticate()?
or is there any way we can identify after authentication that  , the user which is \
authenticated is local user  or domain user?

Regards
Rupesh
 
       
---------------------------------
 Explore your hobbies and interests. Click here to begin.


[Attachment #5 (text/html)]

    <meta http-equiv="CONTENT-TYPE" content="text/html; \
charset=utf-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 2.0  \
(Linux)"><meta name="AUTHOR" content="Rupesh"><meta name="CREATED" \
content="20080410;19212900"><meta name="CHANGED" content="16010101;0">            \
<style>  <!--   @page { size: 8.5in 11in; margin: 0.79in }   P { margin-bottom: \
0.08in }  -->  </style>  <div style="margin-bottom: 0in; line-height: 0.17in;"><font \
color="#000000"><font face="Helv, sans-serif"><font size="2">I have linux server \
which is joined to AD Domain.<br><br>One of domain user has (test/dompasswd) same \
name as local user on machine (test/localpasswd) but has different \
password.<br><br>My application calls pam_authenticate() \
API(Linux-PAM-0.99.3.0).<br><br>A)When I call pam_authenticate() for user \
string&nbsp; &lt;DOMAIN_NAME&gt;\test it succeeds with only domain password \
(dompasswd ) and fails with localpasswd.(this is expected).<br><br>B)When I call \
pam_authenticate()  for userstring without Domain name "test" it return SUCCESS with \
both the passwords( local passwd and domain password).<br><br>for B) my appilcation \
is not able to identify whether user test is authenticated against local user or \
domain user.</font></font></font></div> <div style="margin-bottom: 0in; line-height: \
0.17in;"><font color="#000000"><font face="Helv, sans-serif"><font size="2">In some \
specific scenario where I want user to be authenticated only against local&nbsp; \
database and not against Domain database.<br><br>Can I use any other PAM API instead \
of pam_authenticate()?<br>or is there any way we can identify after authentication \
that  , the user which is authenticated is local user  or domain \
user?<br><br>Regards<br>Rupesh</font></font></font></div> <p>&#32;


      <!--6--><hr size=1></hr> Explore your hobbies and interests. <a \
href="http://in.rd.yahoo.com/tagline_groups_6/*http://in.promos.yahoo.com/groups/">Click \
here to begin.</a>



_______________________________________________
Pam-list mailing list
Pam-list@redhat.com
https://www.redhat.com/mailman/listinfo/pam-list

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic