[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: [lukeh@xedoc.com.au: new pam_ldap module]

To: "'Axel Klatt'" <axel@isb.net>, <lukeh@xedoc.com.au>
Subject: RE: [lukeh@xedoc.com.au: new pam_ldap module]
From: "Luke Howard" <lukeh@xedoc.com.au>
Date: Fri, 25 Sep 1998 21:57:57 +1000
Cc: <openldap-general@openldap.org>
Importance: Normal
In-reply-to: <360B6133.BACDC8EA@isb.net>

> Is there an example for usage?
> (Linux redhat5.1, umich ldap3.3)

Well, I've only tested it under Solaris. So it's possible that it won't work
under Linux, but it should be fairly easy to fix (as I based the code on the
auth_unix module from Linux-PAM).

Here's part of /etc/pam.conf from my Solaris box:

rlogin   auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
rlogin   auth required  /usr/lib/security/pam_unix.so.1
rlogin   auth required  /usr/lib/security/pam_ldap.so.1 try_first_pass
rlogin   account required  /usr/lib/security/pam_ldap.so.1
other    password required /usr/lib/security/pam_ldap.so

> build my authentication objectclass (and put some content in it):
> #----------------------------------
> objectclass UserAccount

Did you invent UserAccount? If so, you should look at the posixAccount class
defined in RFC 2307:

objectclass posixAccount
   oid
      1.3.6.1.1.1.2.0
   superior
      top
   requires
      objectClass,
      cn,
      uid,
      uidNumber,
      gidNumber,
      homeDirectory
   allows
      userPassword,
      loginShell,
      gecos,
      description


-- Luke

References:
- Re: [lukeh@xedoc.com.au: new pam_ldap module]
  - From: Axel Klatt <axel@isb.net>

Prev by Date: Re: [lukeh@xedoc.com.au: new pam_ldap module]
Next by Date: Chinese characters
Index(es):
- Chronological
- Thread