auth required	pam_env.so 
auth required	pam_unix.so try_first_pass likeauth nullok
#auth sufficient pam_ldap.so use_first_pass
auth optional	pam_permit.so
 
account required pam_unix.so
#account sufficient pam_ldap.so
account optional pam_permit.so
 
password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 
password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow
#password sufficient pam_ldap.so use_authtok use_first_pass
password optional pam_permit.so
 
session required pam_limits.so 
session required pam_env.so 
session required pam_unix.so
session required pam_loginuid.so
session optional pam_permit.so
#session required pam_systemd.so
#session optional pam_ldap.so