|
|
@ -5086,7 +5086,7 @@ int LDAPManager::writePAMFiles(LDAPPamConfig pamConfig, TQString *errstr) {
|
|
|
|
stream << "auth [default=ignore success=done new_authtok_reqd=done service_err=reset] pam_krb5.so ccache=/tmp/krb5cc_%u use_first_pass" << "\n";
|
|
|
|
stream << "auth [default=ignore success=done new_authtok_reqd=done service_err=reset] pam_krb5.so ccache=/tmp/krb5cc_%u use_first_pass" << "\n";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (pamConfig.enable_pkcs11_login) {
|
|
|
|
if (pamConfig.enable_pkcs11_login) {
|
|
|
|
stream << "auth [default=ignore success=done new_authtok_reqd=done service_err=reset] pam_krb5.so use_first_pass first_pass_is_pin no_prompt try_pkinit" << "\n";
|
|
|
|
stream << "auth [default=ignore success=done new_authtok_reqd=done service_err=reset] pam_krb5.so use_first_pass no_prompt try_pkinit" << "\n";
|
|
|
|
stream << "auth [default=ignore success=done new_authtok_reqd=done] pam_pkcs11.so use_first_pass" << "\n";
|
|
|
|
stream << "auth [default=ignore success=done new_authtok_reqd=done] pam_pkcs11.so use_first_pass" << "\n";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
stream << "auth required pam_deny.so" << "\n";
|
|
|
|
stream << "auth required pam_deny.so" << "\n";
|
|
|
|