#%PAM-1.0
#
# Managed by Salt
#
# Account-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the account modules that define
# the central access policy for use on the system. The default is to
# only deny service to users whose accounts are expired.
#
account requisite pam_unix.so try_first_pass
account sufficient pam_localuser.so
account required pam_sss.so use_first_pass