[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP authentication problem
Alexander Brinkman wrote:
> > I have read the IMAP list of wu, and they say, the problem is
> > related to LDAP or
> > PAM.
>
>
> That is probably correct. The IMAP server's authentication is not different
> then that of su, login, ftp, etc. They all use PAM. And if PAM is configured
> correctly to use LDAP, then it should work.
> Perhaps you could give some more configuration details?
Ok, here is my /etc/pam.d/imap file:
---------------------------------------------
#%PAM-1.0
auth required /lib/security/pam_ldap.so
#auth required /lib/security/pam_unix_auth.so try_first_pass
account required /lib/security/pam_ldap.so
#account required /lib/security/pam_unix_acct.so
The slapd.conf
---------------------------------------------
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/slapd.at.conf
include /usr/local/etc/openldap/slapd.oc.conf
schemacheck off
#referral ldap://root.openldap.org/
pidfile /var/run//slapd.pid
argsfile /usr/local/var/slapd.args
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
suffix "o=idt.ipp.pt"
#suffix "o=idt.ipp.pt"
rootdn "cn=root,o=idt.ipp.pt"
#rootdn "cn=Manager, o=My Organization Name, c=US"
# cleartext passwords, especially for the rootdn, should
# be avoid. See slapd.conf(5) for details.
rootpw secret
# database directory
# this directory MUST exist prior to running slapd AND
# should only be accessable by the slapd/tools Mode 700 recommended.
directory /usr/local/var/openldap-ldbm
No probleam with security, the LDAP server is behind a firewall.
>
> Note: this is also probably not the correct list to discuss this. I think
> the nssldap from padl.com list would be better.
I understand your point, but i have joined and post questions related to my
problem( i think, its PAM related ) to the list, but till now, i got now
answers.
Sorry for the inconveniece.
Miguel