summaryrefslogtreecommitdiffstats
path: root/data
diff options
context:
space:
mode:
authorSimon Rettberg2016-04-26 14:02:17 +0200
committerSimon Rettberg2016-04-26 14:02:17 +0200
commitcc7a265195079c63a694e24a528c444bfa6a2646 (patch)
treedb3a5b5c8e41a357bca5758669508ec870e1417b /data
parent[ipxe] use-cached was undocumented and has no effect anymore; use ifopen (diff)
downloadtmlite-bwlp-cc7a265195079c63a694e24a528c444bfa6a2646.tar.gz
tmlite-bwlp-cc7a265195079c63a694e24a528c444bfa6a2646.tar.xz
tmlite-bwlp-cc7a265195079c63a694e24a528c444bfa6a2646.zip
[ldap/ad] Add pam line for bwidm auth
Diffstat (limited to 'data')
-rw-r--r--data/ad/common-account5
-rw-r--r--data/ad/common-auth6
2 files changed, 7 insertions, 4 deletions
diff --git a/data/ad/common-account b/data/ad/common-account
index 5de6729..341a340 100644
--- a/data/ad/common-account
+++ b/data/ad/common-account
@@ -1,5 +1,6 @@
-account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
-account [success=1 default=ignore] pam_sss.so use_first_pass
+account [success=3 new_authtok_reqd=done default=ignore] pam_unix.so
+account [success=2 new_authtok_reqd=done default=ignore] pam_exec.so quiet /opt/openslx/scripts/pam_bwidm
+account [success=1 default=ignore] pam_sss.so
# here's the fallback if no module succeeds
account requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
diff --git a/data/ad/common-auth b/data/ad/common-auth
index 2fb9810..f7e97a5 100644
--- a/data/ad/common-auth
+++ b/data/ad/common-auth
@@ -1,6 +1,8 @@
-auth [success=2 default=ignore] pam_unix.so nullok_secure
-auth [success=1 default=ignore] pam_sss.so use_first_pass
+auth [success=4 default=ignore] pam_unix.so nodelay
+auth [success=3 default=ignore] pam_exec.so quiet expose_authtok /opt/openslx/scripts/pam_bwidm
+auth [success=2 default=ignore] pam_sss.so use_first_pass
# here's the fallback if no module succeeds
+auth optional pam_faildelay.so delay=2123123
auth requisite pam_deny.so
auth optional pam_script.so expose=1
# prime the stack with a positive return value if there isn't one already;