[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Linux user authentication and shaodw passwords
On Tue, May 30, 2000 at 04:47:42PM -0300, Andreas Hasenack wrote:
> Em Tue, May 30, 2000 at 02:26:08PM -0500, nwiebe@lynxgl.com escreveu:
> >
> > Hi,
> > I'm having a _really_ hard time finding any sort of complete docs on how
> > to get linux (rh6.2) to authenticate to an openldap 1.2.9-6 server running
> > on the same computer. I've migrated /etc/*, and 'ldapsearch -d 5 -L
> > "(objectclass=*)"' returns a whole mess of stuff, but the passwords don't
> > seem to have migrated properly. I have 'auth sufficient
> > /lib/security/pam_ldap.so' in /etc/pam.d/login, and I get prompted for a
> > LDAP password, but it dosen't matter what I type in for the LDAP password,
> > the system just authenticates agains't the normal unix passwd.
> > Also, if I add a new user to the system, how does that new user get
> > added to the ldap database?
> > pointers to docs would be much appreciated.
>
> RedHat has an article, but they don't show how to configure/use pam_ldap, just
> nss, which you should also have installed if you don't want any user info in
> your /etc/* files
The easiest thing to do is copy the pam config files out of
/usr/doc/nss_ldap*/pam.d/. May need to season to taste, but for most
configs, they work out of the box.
Of course, if nss_ldap is being used, and your using pam_unix,
then you dont need to use pam_ldap, as pam_unix will use the crypted passwd
getent and friends returns.
for more info:
http://www.redhat.com/support/manuals/RHL-6.2-Manual/ref-guide/s1-ldap-redhattips.html
and/or
http://people.redhat.com/alikins/ldap
Adrian