First Last Prev Next    This bug is not in your last search results.
Bug 38757 - UCC pam login krb5 vs. ldap issue
UCC pam login krb5 vs. ldap issue
Status: CLOSED WONTFIX
Product: Z_Univention Corporate Client (UCC)
Classification: Unclassified
Component: General
UCC 2.0
Other Linux
: P5 normal
: UCC 2.x
Assigned To: UCC maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-06-23 15:47 CEST by Felix Botner
Modified: 2023-06-28 10:33 CEST (History)
1 user (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Felix Botner univentionstaff 2015-06-23 15:47:25 CEST 
root@kde2:~# more /etc/pam.d/common-auth| grep 'ldap\|krb'
auth    [authinfo_unavail=ignore success=2 default=3]   pam_krb5.so minimum_uid=1000 try_first_pass
auth    [authinfo_unavail=ignore success=1 default=2]   pam_ldap.so use_first_pass


root@kde2:~# more /etc/pam.d/common-account| grep 'ldap\|krb'
account [success=1 user_unknown=1 authinfo_unavail=1  default=ignore]   pam_ldap.so 
account required                        pam_krb5.so minimum_uid=1000

For auth pam_krb5 (samba4) is used, for account pam_ldap (openldap).

Problem: if samba (krb5) password expiry and openldap password expiry are not in sync, the login on UCC clients fails (auth pam_krb5 works but account pam_ldap fails)
Comment 1 Ingo Steuwer univentionstaff 2020-06-19 16:55:33 CEST 
UCC 1.x / 2.x is out of maintenance. In case this Bug is still relevant please clone with the correct version.
First Last Prev Next    This bug is not in your last search results.