PAM Agent Locking AD User

Question asked by Roberto Manzo on Mar 9, 2018
Hi Sirs, good afternoon!


I am trying to set the PAM Agent to authenticate using a token and it is working fine, but I have some particular things and I hope you can help me.

I am facing an issue with PAM Agent as follows:

 - When I configure the /etc/pam.d/sshd file by adding the line "auth required", it works fine with a local user (with a token and without a token), but for an AD user it works only with a token; I am not able to authenticate with an AD user without a token.

   So I made some changes to make it work: I set the parameter "PAM_IGNORE_SUPPORT_FOR_USERS" to 1 in the /etc/sd_pam.conf file and I added the three lines "auth required / auth       sufficient try_first_pass / auth       sufficient use_first_pass" to /etc/pam.d/sshd. This way I am able to authenticate with a local user (with a token and without a token) and with an AD user (with a token and without a token), but after some successful authentications the AD user is being locked in Active Directory and I don't know why it is happening.


I hope I have been clear, if I was not clear please let me know.


Can anyone help me?


Thanks in advance.