[KLUG Members] user sign on to authenticate against LDAP?

Adam Williams members@kalamazoolinux.org
Thu, 27 Sep 2001 16:47:22 -0400 (EDT)


>We have LDAP installed and are converting all systems to authenticate
>against it.  Can anyone provide documentation or instructions such that when
>a person telnets into a linux box or ftps into the box, the authentication
>is done by LDAP?

/etc/pam.d/system-auth:
-----------------------
auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/pam_ldap.so use_first_pass
auth        required      /lib/security/pam_deny.so

account     sufficient    /lib/security/pam_unix.so
account     sufficient    /lib/security/pam_ldap.so
account     required      /lib/security/pam_deny.so

password    sufficient    /lib/security/pam_ldap.so
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
password    required      /lib/security/pam_deny.so

session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so
session     optional      /lib/security/pam_ldap.so

On RH7.x this will make LDAP a default auth method.  You may not want
this; you should be able to do the same thing to individual services.

-- 
-----------------------------------------------------------
Ximian GNOME, Evolution, LTSP, and RedHat Linux + LVM & XFS
-----------------------------------------------------------
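
How the `auth` stack posted above resolves a login, as an added example that is not part of the original message: a simplified Python model of Linux-PAM's required / requisite / sufficient / optional control flags, run over the posted lines. The function names and the per-module outcomes passed in are assumptions made for illustration.

```python
# Added illustration, not from the original post: simplified model of how
# Linux-PAM walks a stack (simple control flags only, no [value=action] syntax).
SYSTEM_AUTH = """\
auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/pam_ldap.so use_first_pass
auth        required      /lib/security/pam_deny.so
"""  # auth lines copied from the post

def parse_stack(text, facility):
    """Return [(control, module_name, [args])] for one facility."""
    stack = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, tokenize
        if len(fields) >= 3 and fields[0] == facility:
            name = fields[2].rsplit("/", 1)[-1]   # strip /lib/security/
            stack.append((fields[1], name, fields[3:]))
    return stack

def evaluate(stack, outcomes):
    """outcomes maps module name -> True (success) or False (failure).
    Returns (granted, modules_consulted_in_order)."""
    failed = False     # a required/requisite module has failed
    positive = False   # some module has contributed a success
    consulted = []
    for control, name, _args in stack:
        ok = outcomes[name]
        consulted.append(name)
        if control == "requisite" and not ok:
            return False, consulted               # fail immediately
        if control in ("required", "requisite"):
            failed = failed or not ok             # failure is remembered
            positive = positive or ok
        elif control == "sufficient" and ok and not failed:
            return True, consulted                # short-circuit success
        elif control == "optional" and ok:
            positive = True
        # a failing sufficient/optional module is ignored
    return (positive and not failed), consulted

if __name__ == "__main__":
    stack = parse_stack(SYSTEM_AUTH, "auth")
    base = {"pam_env.so": True, "pam_deny.so": False}   # pam_deny always fails
    cases = {  # constructed scenarios
        "local account": {"pam_unix.so": True, "pam_ldap.so": False},
        "LDAP-only account": {"pam_unix.so": False, "pam_ldap.so": True},
        "bad password": {"pam_unix.so": False, "pam_ldap.so": False},
    }
    for label, result in cases.items():
        print(label, evaluate(stack, {**base, **result}))
```
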