[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Is SLAPD a PAM aware application ?

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: Is SLAPD a PAM aware application ?
From: "Jacques Landru" <landru@enic.fr>
Date: Thu, 22 Jun 2000 12:05:19 +0200
Cc: <openldap-software@OpenLDAP.org>
References: <3.0.5.32.20000620081717.00990100@infidel.boolean.net>

> I don't suggest attempting the use the patch directly.  Instead I
> guess you lock reimplement as a RFC 2307 scheme by hacking
> liblutil/passwd.c.  I would suggest you review the devel version
> of this file

I have looked at the  devel version of lib/util/passwd.c, its modularity
would probably can help to integrate PAM call code.
In that file I have also seen some compilation directive for using the
CYRUS-SASL library
      #ifdef HAVE_CYRUS_SASL

It seems that this package we can authenticate using PAM.
It's in the PLAIN mode, which means, that the login data are
in clear text on the network.

If I find time and a test machine..., I will try to install the devel
version
with the CYRUS library and test PAM authentication.
If it works, I'll propagate the result in the list.

Jacques Landru


----- Original Message -----
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
To: "Jacques Landru" <landru@enic.fr>
Cc: <openldap-software@OpenLDAP.org>
Sent: Tuesday, June 20, 2000 5:17 PM
Subject: Re: Is SLAPD a PAM aware application ?


> At 05:10 PM 6/20/00 +0200, Jacques Landru wrote:
> >"Is SLAPD a PAM aware application ? "
>
> No.
>
> >In the mailing list archive I've found an old message posted in 1998,
> >http://www.openldap.org/lists/openldap-general/199809/msg00035.html
> >containing a  patch. I have some doubts about the possibity to use
> >it for the present OpenLdap version.
>
> I don't suggest attempting the use the patch directly.  Instead I
> guess you lock reimplement as a RFC 2307 scheme by hacking
> liblutil/passwd.c.  I would suggest you review the devel version
> of this file as it already supports other external password stores
> (but not PAM).  You should be able to apply similiar technics.
>
> You are, of course, encouraged to submit patches implementing
> new features.  See http://www.openldap.org/devel/contributing.html
> for guidelines on contributing.  Be sure to coordinate development
> activities on our developer mailing list.
>
> Kurt
>

Follow-Ups:
- Re: Is SLAPD a PAM aware application ?
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Re: Is SLAPD a PAM aware application ?
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: use ldap as an adressbook in outlook listed all persons
Next by Date: Re: Is SLAPD a PAM aware application ?
Index(es):
- Chronological
- Thread