# /etc/pam.d/common-auth - authentication settings common to most services.
# "Is this user who he claims to be?"
# jimc hacks for Kerberos (krb5) authentication

auth	requisite	pam_nologin.so
auth	required	pam_env.so
# SuSE 11.4 has pam_gnome_keyring for everyone.  I can't get it to work right.

# The first mechanism that recognizes the user is taken as authoritative.
auth	sufficient	pam_krb5.so	forwardable renewable try_first_pass 
auth	sufficient	pam_ldap.so	try_first_pass
auth	sufficient	pam_unix2.so	#set_secrpc try_first_pass(is dflt)

# No successes, kick off the luser.
auth	required	pam_deny.so
#auth	required	pam_homecheck.so	# don't want this.