Pam unix with LDAP server account lockout

From Brandonhutchinson.com

Revision as of 22:22, 14 December 2007 by Hutch (Talk | contribs)

Overview

In order to support a legacy application, I have to meet the following requirements:

  • pam_unix must be used.
  • The Directory Server must only store user passwords in {crypt} format.

Requirements

The Directory Server must only store passwords in crypt format

The default user password storage scheme is SSHA. To change it to crypt, run the following command on both Directory Servers:

# dsconf set-server-prop pwd-storage-scheme:crypt
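
Changing the storage scheme only applies to passwords set afterwards; values already stored keep their old scheme until the password is changed. The following check is an added example, not part of the original page: it reads an LDIF export of the user entries and lists the DNs whose userPassword is not yet in {crypt} format. The sample entries, DNs and hash values are constructed placeholders, and the function names are hypothetical.

```python
import base64
# Constructed sample export (not from the original page); hash values are placeholders.
_SSHA = base64.b64encode(b"{SSHA}constructed-placeholder").decode()
SAMPLE_LDIF = (
    "dn: uid=alice,ou=People,dc=example,dc=com\n"
    "userPassword: {crypt}constructedAA\n"
    "\n"
    "dn: uid=bob,ou=People,dc=example,dc=com\n"
    f"userPassword:: {_SSHA}\n"      # '::' means the value is base64-encoded
    "\n"
    "dn: uid=carol,ou=People,\n"
    " dc=example,dc=com\n"           # folded (continuation) line
    "userPassword: {CRYPT}constructedBB\n"
)

def unfold(ldif):
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:   # continuation line: leading space
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def password_schemes(ldif):
    """Return {dn: [scheme, ...]} for each entry that has userPassword."""
    result, dn = {}, None
    for line in unfold(ldif):
        attr, sep, value = line.partition(":")
        if not sep:
            dn = None if not line.strip() else dn   # blank line ends the entry
            continue
        if value.startswith(":"):                   # base64 form, "attr:: ..."
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        value = value.strip()
        if attr.lower() == "dn":
            dn = value
        elif attr.lower() == "userpassword" and dn:
            tagged = value.startswith("{") and "}" in value
            scheme = value[1:value.index("}")].lower() if tagged else "untagged"
            result.setdefault(dn, []).append(scheme)
    return result

def not_crypt(ldif):
    """DNs holding at least one userPassword value that is not {crypt}."""
    return sorted(dn for dn, s in password_schemes(ldif).items() if any(x != "crypt" for x in s))

if __name__ == "__main__":
    print(not_crypt(SAMPLE_LDIF))
```

Accounts it reports need a password change before pam_unix can use them.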