Re: pam_ldap.conf & libnss_ldap.conf configuration.

["Dino Ming" <ldap@dinovision.net>]

Thanks Adam,

  But its look like your presentation only describe the meaning of
binddn,bindpw and rootbinddn..... Or I've over looked some of them ?

Regards,
Dino Ming

----- Original Message -----
From: "Adam Williams" <adam@morrison-ind.com>
To: "Dino Ming" <ldap@dinovision.net>
Cc: <openldap-software@OpenLDAP.org>
Sent: Wednesday, July 17, 2002 8:48 PM
Subject: Re: pam_ldap.conf & libnss_ldap.conf configuration.


> >Today, I have configurated my box to authentication with OpenLDAP
> >successfully. Thanks for your kind attention on my problems. But now, I
> >got the other problems/confusing about the pam_ldap.conf and
> >libnss_ldap.conf files. Each of this file have binddn, bindpw, rootbinddn
> >entires... should I uncomment them out of the config ?
>
> All this is documented in the files that come with the auth_ldap package.
> And in my LDAP presentation - ftp://kalamazoolinux.org/pub/pdf/ldapv3.pdf
>
> >I've tried to comment out or uncomment them, but it look like these
> >entires doesn't affect the system authentication....Why ??
>
> They do for administrative tasks such as changing a users password as
> root.
>
> >Remarks : I follow this URL to setting up my box.
> >http://www.mandrakesecure.net/en/docs/ldap-auth.php
> >Lastly, I found the permission of these files are 644
> >which mean user can read its content.. If I enter bindpw here,
> >then user can view it.
>
> Yes.
>
> >Sound strange ?
>
> You can put the bindpw in a seperate file only readable by root.
>
>