[Date Prev][Date Next] [Chronological] [Thread] [Top]

synchronisation password ldap/nis

To: openldap-software@OpenLDAP.org, ldap-nis@padl.com
Subject: synchronisation password ldap/nis
From: Jehan PROCACCIA <jehan.procaccia@int-evry.fr>
Date: Mon, 30 Jul 2001 08:36:57 +0200

hello,

I thought I could find discussions or docs about synchronisation of
password between ldap and nis, but i did'nt find something relevant in
the lists archive or google ...

I think of 2 solutions:

1) develop a script  (perl ...) , before I do this, please let me know
if some exists.

2) use PAM, I can change the password in ldap, thanks to pam_ldap
module:

$cat /etc/pam.d/passwd
#%PAM-1.0
auth       sufficient	/lib/security/pam_ldap.so
auth       required     /lib/security/pam_unix_auth.so use_first_pass
account    sufficient	/lib/security/pam_ldap.so
account    required     /lib/security/pam_unix_acct.so
password   required	/lib/security/pam_cracklib.so retry=3 type=Ldap/Unix
password   sufficient	/lib/security/pam_ldap.so use_authtok
password   required     /lib/security/pam_pwdb.so try_first_pass

(Notice I've added "use_authtok" for password, default file doesn't
include that !!)

Now I hope that I can stack modules so that password is changed either
in ldap and nis, but does anyone knows how to stack them.

adding a :

password   required	/lib/security/pam_unix

is it possible to do ?

Thanks
-- 
Jehan Procaccia
Institut National des Telecommunications| Email:
Jehan.Procaccia@int-evry.fr 
MCI, Moyens Communs Informatiques	| Tel  : +33 (0) 160764436 
9 rue Charles Fourier 91011 Evry France | Fax  : +33 (0) 160764321

Prev by Date: Re: openldap-slapd performance vs. Netscape-slapd ?
Next by Date: ACL
Index(es):
- Chronological
- Thread