[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: pam_ldap.conf & libnss_ldap.conf configuration.



>Today, I have configurated my box to authentication with OpenLDAP
>successfully. Thanks for your kind attention on my problems. But now, I
>got the other problems/confusing about the pam_ldap.conf and
>libnss_ldap.conf files. Each of this file have binddn, bindpw, rootbinddn
>entires... should I uncomment them out of the config ?

All this is documented in the files that come with the auth_ldap package.
And in my LDAP presentation - ftp://kalamazoolinux.org/pub/pdf/ldapv3.pdf

>I've tried to comment out or uncomment them, but it look like these
>entires doesn't affect the system authentication....Why ??

They do for administrative tasks such as changing a users password as
root.

>Remarks : I follow this URL to setting up my box.
>http://www.mandrakesecure.net/en/docs/ldap-auth.php
>Lastly, I found the permission of these files are 644
>which mean user can read its content.. If I enter bindpw here,
>then user can view it.

Yes.

>Sound strange ?

You can put the bindpw in a seperate file only readable by root.