[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP and PAM bind authentication
Hi,
I'm setting up a LDAP Authentication server too.
Yes, binding with the user itself with having no passwd
in a local file will be a much better idea.
Does someone use such a configuration ?
May be only a few small changes in pam_ldap are needed.
Then its possible to let the user only see his self without
the need of a extra account wich can see all possible user
which can log into this machine.
On Tue, Aug 21, 2001 at 08:25:10PM -0400, Tony Sciortino wrote:
> I am running an openldap server that does not allow anonymous bind.
> I have a linux box that is using PAM to do authentication by
> sending reuests for authentication to this ldap server.
> The way it is working is, I bind as a generic user and password, then
> pam sends the search request for the user trying to authenticate,
> verifies password and allows the login.
> How can I make PAM work with LDAP to bind to the server as the person
> trying to authenticate?
> If the authnticate failes because the user put in the wrong password,
> fine, I need to get rid of this generic id and it is crazy to bind
> as one id then ask for auth for another when it seems it could be
> done in one step.
>
> -Tony
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
--
Markus Benning
.^. .---------------------------------------.
/V\ | Tel. : +49 9131 7 21713 |
/( )\ | Email: Markus.Benning@siemens.com |
^^-^^ '---------------------------------------'
Open Source is a philosophy not a price tag!