With PAM Auth enabled, you can't log in with non-PAM accounts, which usually includes the administrator account.

I think it's because the developers overwrite the $form['#validate'] variable (on line 55 of pam_auth.module). If the pam_auth login fails, the normal Drupal users or other authentication methods won't work.

I'm working on a patch to fix the issue.

Comment    File              Size         Author
#2         pam_auth.patch    730 bytes    Lk2

Comments

ngreimel’s picture

I'm not positive, but I think this works.

Change:
$form['#validate'][1] = 'pam_auth_distributed_validate';

To:
array_unshift($form['#validate'], 'pam_auth_distributed_validate');

Lk2’s picture

Status: new
File size: 730 bytes

I think that it would work, but this isn't the best way... because you are "jumping" the first authentication validator (the item at position 0). This validator is important because, if I remember well, it is the one that checks that the user name isn't blocked or unauthorized.

I do this (it's a very ugly way, but my knowledge of PHP is very limited):

change
$form['#validate'][1] = 'pam_auth_distributed_validate';

for

$form['#validate'][3] = $form['#validate'][2];
$form['#validate'][2] = 'pam_auth_distributed_validate';

That way, the user first tries to log in with the SQL users table, and if that fails (because the password doesn't match in the case of an LDAP login), it does a PAM Auth authentication.

I think that there is no problem in executing PAM first and then the Drupal login...

Here is my patch, in case somebody needs it.
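
The three orderings discussed in this thread, side by side, as an added example (not code from pam_auth.module or from any commenter). The three default validator names are assumed to be Drupal 6 core's login defaults, and insert_before_final() is a hypothetical helper that produces the same order as the second comment's change without hard-coded indexes.

```php
<?php
// Constructed stand-in for $form['#validate'] on the login form. The three
// names are assumed Drupal 6 core defaults; they do not appear in the thread.
$defaults = array(
  'user_login_name_validate',         // position 0: blocked/denied name check
  'user_login_authenticate_validate', // position 1: local users table login
  'user_login_final_validate',        // position 2: reports failure if nobody logged in
);
$pam = 'pam_auth_distributed_validate';

// Variant reported in the issue: position 1 is overwritten.
$overwrite = $defaults;
$overwrite[1] = $pam;

// Variant from the first comment: PAM goes ahead of every other validator.
$unshift = $defaults;
array_unshift($unshift, $pam);

// Variant from the second comment: move the last entry up, put PAM at 2.
$shifted = $defaults;
$shifted[3] = $shifted[2];
$shifted[2] = $pam;

// Hypothetical helper: insert $new directly before $final, wherever it sits.
function insert_before_final(array $validators, $new, $final) {
  $pos = array_search($final, $validators, TRUE);
  if ($pos === FALSE) {
    $validators[] = $new; // final validator absent: append instead
    return $validators;
  }
  array_splice($validators, $pos, 0, array($new));
  return $validators;
}
$spliced = insert_before_final($defaults, $pam, 'user_login_final_validate');

// Print each chain and the two properties the thread cares about.
foreach (compact('overwrite', 'unshift', 'shifted', 'spliced') as $label => $chain) {
  printf("%-9s %s\n", $label, implode(' -> ', $chain));
  printf("          local login kept: %s, name check first: %s\n",
    in_array('user_login_authenticate_validate', $chain, TRUE) ? 'yes' : 'no',
    $chain[0] === 'user_login_name_validate' ? 'yes' : 'no');
}
```

Only the overwrite variant drops the local login validator, and only the unshift variant moves the name check out of position 0.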