OpenLDAP and Pam Modules -- Wiki Instructions don't seem to work

kevdog · 2020-12-14 18:44:00

Hi - I'm using ArchLinux and stepping through how to configure ldap authentication with instructions directly from the wiki: https://wiki.archlinux.org/index.php/LD … SS_and_PAM

Enable sudo
To enable sudo from an LDAP user, edit /etc/pam.d/sudo. You will also need to modify sudoers accordingly.

/etc/pam.d/sudo
#%PAM-1.0
auth      sufficient    pam_ldap.so
auth      required      pam_unix.so  try_first_pass
auth      required      pam_nologin.so

My previous /etc/pam.d/sudo module looked like this:

#%PAM-1.0
auth		 include		system-auth
account		include		system-auth
session		include		system-auth

If I change the /etc/pam.d/sudo file to what is recommended in the wiki I get the following:

 sudo su
[sudo] password for kevdog:
sudo: account validation failure, is your account locked?
sudo: a password is required

Thank goodness I troubleshooted the su login steps prior to making these changes as I would have been totally locked up from admin access of the system. Are there different instructions I should follow since for me the wiki instructions do not work.

Last edited by kevdog (2020-12-14 18:44:26)

Arch Linux

#1 2020-12-14 18:44:00

OpenLDAP and Pam Modules -- Wiki Instructions don't seem to work

Board footer