Le 17/06/2010 04:05, Indexer a écrit :
but when a user without the membership logins a notice appears that says "You must be a memberUid of cn=login,ou=Nemo,ou=Group,dc=chocolate,dc=lan to login.", but the user is still able to continue and login, and it is not enforcing the group membership.
It's purely a pam issue, and not an ldap one.
[..]
account required pam_nologin.so account required pam_login_access.so account optional pam_unix.so account optional /usr/local/lib/pam_ldap.so
It's a bit useless to have an 'optional' pam permission module...