[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: libpam libnss + ldap Authentication problem !
Hi Nate,
Id like to store every new create user account inside ldap. I've tried a lot of test for authentication against my woody.......... sometimes it work, but after user login, look like the bash shell cannot lookup the user name from ldap........
Also, Can u kindly email me 1 set of your woody configuration for ldap configurations which included pam_ldap.conf, libnss-ldap.conf , /etc/pam.d/login , su, passwd, ssh ....etc, so that I can test it on my box ?
Regards,
Dino Ming
----- Original Message -----
From: "nate" <ldap@aphroland.org>
To: <openldap-software@OpenLDAP.org>
Sent: Tuesday, July 16, 2002 12:08 PM
Subject: Re: libpam libnss + ldap Authentication problem !
> <quote who="Dino Ming">
> > Dear All,
> >
> > I'm confusing with these 2 packages (libpam and libnss). Is it
> > necessary to install both of them in order to perform ldap
> > Authentication under Debian Woody ? or just install any one of them is
> > enough ?
> >
> > Could someone share his/her successful experience with me on this topic
> > ?
>
>
> ive setup ldap auth on several woody and some potato machines ..
>
> the answer to your question is yes and no. you can store the
> password information only in ldap, and store the rest(home directory,
> uid/gid etc) in another source such as /etc/passwd /etc/group or
> mysql or whatever.
>
> if you want FULL ldap authentication where everything is in ldap you'll
> need both nss and pam ldap modules installed and configured, i reccomend
> nscd as well. if you can 'finger' the account and have stuff come back
> then the nss portion should be working ..
>
> don't forget to change nsswitch.conf, debian's nss_ldap doesn't do
> this automatically last i checked.
>
> nate
>
>
>
>