[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: [lukeh@xedoc.com.au: new pam_ldap module]



> Is there an example for usage?
> (Linux redhat5.1, umich ldap3.3)

Well, I've only tested it under Solaris. So it's possible that it won't work
under Linux, but it should be fairly easy to fix (as I based the code on the
auth_unix module from Linux-PAM).

Here's part of /etc/pam.conf from my Solaris box:

rlogin   auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
rlogin   auth required  /usr/lib/security/pam_unix.so.1
rlogin   auth required  /usr/lib/security/pam_ldap.so.1 try_first_pass
rlogin   account required  /usr/lib/security/pam_ldap.so.1
other    password required /usr/lib/security/pam_ldap.so

> build my authentication objectclass (and put some content in it):
> #----------------------------------
> objectclass UserAccount

Did you invent UserAccount? If so, you should look at the posixAccount class
defined in RFC 2307:

objectclass posixAccount
   oid
      1.3.6.1.1.1.2.0
   superior
      top
   requires
      objectClass,
      cn,
      uid,
      uidNumber,
      gidNumber,
      homeDirectory
   allows
      userPassword,
      loginShell,
      gecos,
      description


-- Luke