|
|
|
@ -4087,7 +4087,7 @@ int LDAPManager::writePAMFiles(LDAPPamConfig pamConfig, TQString *errstr) {
|
|
|
|
|
stream << "auth sufficient pam_unix.so nullok try_first_pass" << "\n";
|
|
|
|
|
stream << "auth [default=ignore success=1 service_err=reset] pam_krb5.so ccache=/tmp/krb5cc_%u use_first_pass" << "\n";
|
|
|
|
|
if (pamConfig.enable_cached_credentials) {
|
|
|
|
|
stream << "auth [default=die success=done] pam_ccreds.so action=validate use_first_pass" << "\n";
|
|
|
|
|
stream << "auth [default=2 success=done] pam_ccreds.so action=validate use_first_pass" << "\n";
|
|
|
|
|
stream << "auth sufficient pam_ccreds.so action=store use_first_pass" << "\n";
|
|
|
|
|
}
|
|
|
|
|
stream << "auth required pam_deny.so" << "\n";
|
|
|
|
|