[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Authenticate to OpenLDAP using PAM

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of

> I would like to authenticate to my OpenLDAP server in the same way I
> authenticate when I login (using PAM). After googling, I
> conclude most
> people are interested in the reverse: Using LDAP to authenticate when
> they login. I've also read
> "http://www.openldap.org/doc/admin22/security.html";, but it's
> not clear
> to what "user" and "password" correspond ...
> Specifically, can the "user" and "password" supplied to the "simple"
> OpenLDAP authentication method be checked using PAM?
> More generally, how can I authenticate to OpenLDAP using PAM?

Since PAM uses simple usernames and LDAP Simple Bind uses DNs, you need some
help to make this happen. Typically you would configure openldap
with --enable-spasswd and use {SASL} passwords, and point SASL off at PAM.

This is a pretty odd thing to want to do.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support