[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: libpam libnss + ldap Authentication problem !

To: <openldap-software@OpenLDAP.org>
Subject: Re: libpam libnss + ldap Authentication problem !
From: "nate" <ldap@aphroland.org>
Date: Mon, 15 Jul 2002 21:08:23 -0700 (PDT)
Importance: Normal
In-reply-to: <01a701c22c77$136f3220$8d01a8a8@sysadmin>
References: <01a701c22c77$136f3220$8d01a8a8@sysadmin>

<quote who="Dino Ming">
> Dear All,
>
>   I'm confusing with these 2 packages (libpam and libnss). Is it
>   necessary to install both of them in order to perform ldap
>   Authentication under Debian Woody ? or just install any one of them is
>   enough ?
>
>  Could someone share his/her successful experience with me on this topic
>  ?


ive setup ldap auth on several woody and some potato machines ..

the answer to your question is yes and no.  you can store the
password information only in ldap, and store the rest(home directory,
uid/gid etc) in another source such as /etc/passwd /etc/group or
mysql or whatever.

if you want FULL ldap authentication where everything is in ldap you'll
need both nss and pam ldap modules installed and configured, i reccomend
nscd as well.  if you can 'finger' the account and have stuff come back
then the nss portion should be working ..

don't forget to change nsswitch.conf, debian's nss_ldap doesn't do
this automatically last i checked.

nate

Follow-Ups:
- Re: libpam libnss + ldap Authentication problem !
  - From: "Dino Ming" <ldap@dinovision.net>

References:
- libpam libnss + ldap Authentication problem !
  - From: "Dino Ming" <ldap@dinovision.net>

Prev by Date: Re: libpam libnss + ldap Authentication problem !
Next by Date: Re: libpam libnss + ldap Authentication problem !
Index(es):
- Chronological
- Thread