Postgresql & PAM & active directory

Hi,

We recently upgraded to 8.3.9 (from 8.3.6) because we were having the issue described in the fix below. Our postgres user and other domain users with pam authentication were getting locked out, in accords with our group domain policy 10 failed login attemps in 30 minutes. I included some information about our environment below. Sadly, after the upgrade to 8.3.9, we are still experiencing this issue. Has any one else reported this issue still exists, after the 8.3.9 fix below?

Thanks in advance,

~DjK

##

Fix PAM password processing to be more robust (Tom) The previous code is known to fail with the combination of the Linux pam_krb5 PAM module with Microsoft Active Directory as the domain controller. It might have problems elsewhere too, since it was making unjustified assumptions about what arguments the PAM stack would pass to it.

##

Linux and AD

The AD is running at a domain functional level of Windows Server 2003, however the schema is updated to Windows Server 2008.

Linux OS: SLES 9 sp4

2.6.5-7.308-smp #1 SMP Mon Dec 10 11:36:40 UTC 2007 x86_64 x86_64 x86_64 GNU/Linux

## PAM -- postgres

auth required pam_unix2.so nullok

account required pam_unix2.so

## nsswitch.conf --

passwd: compat

group: compat

hosts: files dns

networks: files dns

services: files

protocols: files

rpc: files

ethers: files

netmasks: files

netgroup: files

publickey: files

bootparams: files

automount: files nis

aliases: files

passwd_compat: ldap

group_compat: ldap

_________________________________________________________________
Hotmail: Trusted email with Microsoft’s powerful SPAM protection.
http://clk.atdmt.com/GBL/go/201469226/direct/01/