Re: Antwort: Re: Antwort: Re: Re: LDAP and sendmail

[Ben Collins <bcollins@debian.org>]

On Fri, Mar 05, 1999 at 12:16:12PM +0100, Masiar Ighani wrote:
>
> Hi Stuart,
>
> you´re right. Last week i patched qpopper to get his authentification
> information out of LDAP. It was really trivial.
> But what i didn´t understand (until yesterday) was, how can i tell
> sendmail/delivery agent that a given User "XYZ" is on the local machine
> WITHOUT USING /ETC/PASSWD but LDAP instead.
> Now i know that nss_ldap will do. However, i´ll figure it out in the next
> days. Thanks everybody for helping.

There is a simple solution, by using PAM you can have authentication
through both LDAP and the local system. There is a pam_ldap module at
www.padl.com (along with the nss_ldap module that can be used for
lookups).

I have this setup on my system, and login/passwd/su/exim work
seamlessly and transparently for local (root et al) as well as LDAP
users.

NOTE: some application require some code to get them to work with PAM,
but that is as trivial as getting them to work with LDAP.

--
-----    -- - -------- --------- ----  -------  -----  - - ---   --------
Ben Collins <b.m.collins@larc.nasa.gov>                  Debian GNU/Linux
OpenLDAP Core - bcollins@openldap.org                 bcollins@debian.org
UnixGroup Admin - Jordan Systems         The Choice of the GNU Generation
------ -- ----- - - -------   ------- -- ---- - -------- - --- ---- -  --