[Date Prev][Date Next]
Re: libpam libnss + ldap Authentication problem !
Id like to store every new create user account inside ldap. I've tried a lot of test for authentication against my woody.......... sometimes it work, but after user login, look like the bash shell cannot lookup the user name from ldap........
Also, Can u kindly email me 1 set of your woody configuration for ldap configurations which included pam_ldap.conf, libnss-ldap.conf , /etc/pam.d/login , su, passwd, ssh ....etc, so that I can test it on my box ?
----- Original Message -----
From: "nate" <email@example.com>
Sent: Tuesday, July 16, 2002 12:08 PM
Subject: Re: libpam libnss + ldap Authentication problem !
> <quote who="Dino Ming">
> > Dear All,
> > I'm confusing with these 2 packages (libpam and libnss). Is it
> > necessary to install both of them in order to perform ldap
> > Authentication under Debian Woody ? or just install any one of them is
> > enough ?
> > Could someone share his/her successful experience with me on this topic
> > ?
> ive setup ldap auth on several woody and some potato machines ..
> the answer to your question is yes and no. you can store the
> password information only in ldap, and store the rest(home directory,
> uid/gid etc) in another source such as /etc/passwd /etc/group or
> mysql or whatever.
> if you want FULL ldap authentication where everything is in ldap you'll
> need both nss and pam ldap modules installed and configured, i reccomend
> nscd as well. if you can 'finger' the account and have stuff come back
> then the nss portion should be working ..
> don't forget to change nsswitch.conf, debian's nss_ldap doesn't do
> this automatically last i checked.