[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LDAP+Kerberos

On Wednesday, December 06, 2000 18:05 +1100, Brian May 
<bam@snoopy.apana.org.au> wrote:
| Wow! I often thought this was... errr... questionable prompting for
| the password multiple times. However, I never realized that this
| behaviour could be changed.

*If* the module is written correctly.  Transarc's AFS PAM module isn't; it 
ignores {use,try}_first_pass, so it always prompts and the following module 
will also prompt if the AFS module fails.  (But then, what do you expect 
when Transarc's install instrictions say "all modules must be flagged 
'optional'"?  Which is false, BTW.)

brandon s. allbery     [os/2][linux][solaris][japh]    allbery@kf8nh.apk.net
system administrator        [WAY too many hats]          allbery@ece.cmu.edu
electrical and computer engineering                                    KF8NH
carnegie mellon university      ["better check the oblivious first" -ke6sls]