[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Antwort: Re: Antwort: Re: Antwort: Re: Re: LDAP and sendmail
I figured out PAM, too. But it doesn´t feed my needs. We have 35 dedicated
decentralized Mailservers and one central Mailserver. We do not have any
need for Userlogins (so we don´t need PAM), expect for POP3 which could be
done with LDAP. Password changes are made via a secured web interface which
tracks the changes to the decentralized Mailservers.
Greetings,
Masiar
Ben Collins <bcollins@debian.org> on 05.03.99 14:32:20
An: Masiar Ighani <MIGHANI@debis.com>
Kopie: Stuart Lynne <sl@fireplug.net>, openldap-general@OpenLDAP.org
Thema: Re: Antwort: Re: Antwort: Re: Re: LDAP and sendmail
Aktion WV-Datum:
:
On Fri, Mar 05, 1999 at 12:16:12PM +0100, Masiar Ighani wrote:
>
> Hi Stuart,
>
> you´re right. Last week i patched qpopper to get his authentification
> information out of LDAP. It was really trivial.
> But what i didn´t understand (until yesterday) was, how can i tell
> sendmail/delivery agent that a given User "XYZ" is on the local machine
> WITHOUT USING /ETC/PASSWD but LDAP instead.
> Now i know that nss_ldap will do. However, i´ll figure it out in the next
> days. Thanks everybody for helping.
There is a simple solution, by using PAM you can have authentication
through both LDAP and the local system. There is a pam_ldap module at
www.padl.com (along with the nss_ldap module that can be used for
lookups).
I have this setup on my system, and login/passwd/su/exim work
seamlessly and transparently for local (root et al) as well as LDAP
users.
NOTE: some application require some code to get them to work with PAM,
but that is as trivial as getting them to work with LDAP.
--
----- -- - -------- --------- ---- ------- ----- - - --- --------
Ben Collins <b.m.collins@larc.nasa.gov> Debian GNU/Linux
OpenLDAP Core - bcollins@openldap.org bcollins@debian.org
UnixGroup Admin - Jordan Systems The Choice of the GNU Generation
------ -- ----- - - ------- ------- -- ---- - -------- - --- ---- - --