[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Local home directory with ADS LDAP authentication

To: openldap-technical@openldap.org
Subject: Re: Local home directory with ADS LDAP authentication
From: Madhusudan Singh <singh.madhusudan@gmail.com>
Date: Fri, 15 Apr 2011 14:35:43 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=UIXKk8NdThykBDf9nvwqGyXQeFIruZtQmAKqKJOnlNo=; b=QBYgVckEmGhKO7/UQOzeBEPfjPO9ywQQGT4L1bW1fBrulXC6ZnnPRxgWkTh7hC85yd +fKMX+GNG2mupoFtrQauqjZRyqwzT5i58UTy/KfWkH5W2UU1sgmQoxDsi/FbMtiVoCwp ddkx8B/uT+mB1P9Xxjy0ebS3Csr6wL4joKvUk=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=qYlH8UtBh5xleEGDhlMK33SpnsGdlXncqe5ELJmsuzIfVeMckxLhimStNhvKbk3tY9 NqfbCyOxv2nW0wKigzrm0Iw2LtsJrDhkFKmvBwxgxvmvluaZw+4E9/pZNVcidEkeq1Je zQa4lWPNrgZpYUuEY81I82vxWYAtWm2Ym76ws=
In-reply-to: <1302878242.3017.3.camel@sorbet.thuis.net>
References: <BANLkTin98MHXBdUtzq=Z-F8XZ-bgHk8waA@mail.gmail.com> <20110413133037.GA4572@dan.olp.net> <BANLkTikqQix-ERT=XBAy=4jm90=S4WtNig@mail.gmail.com> <1302878242.3017.3.camel@sorbet.thuis.net>

Can you give me some details of this ?

I do not want to mess up a working authentication mechanism if I can avoid it.

On Fri, Apr 15, 2011 at 9:37 AM, Arthur de Jong <arthur@arthurdejong.org> wrote:

On Wed, 2011-04-13 at 09:51 -0500, Madhusudan Singh wrote:
> The client is an OpenSuSE 11.2 machine that has a nss_ldap installed
> (along with pam_ldap). The IT folks also installed a binary-only
> module that permits the authentication to the University LDAP server.
> That is why I am using an old version of OpenSuSE.

You could give nss-pam-ldapd a try and copy the config from nss_ldap and
pam_ldap. It has a fancy syntax to overwrite certain attributes. E.g.
you could give all LDAP users a local home directory with
map passwd homeDirectory /home/CAMPUS/$uid

You can keep using pam_ldap if you like. Information about home
directories, user names, etc are provided by the NSS module, the PAM
module is responsible for authentication and password change.

--
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --

Follow-Ups:
- Re: Local home directory with ADS LDAP authentication
  - From: Arthur de Jong <arthur@arthurdejong.org>

References:
- Local home directory with ADS LDAP authentication
  - From: Madhusudan Singh <singh.madhusudan@gmail.com>
- Re: Local home directory with ADS LDAP authentication
  - From: Dan White <dwhite@olp.net>
- Re: Local home directory with ADS LDAP authentication
  - From: Madhusudan Singh <singh.madhusudan@gmail.com>
- Re: Local home directory with ADS LDAP authentication
  - From: Arthur de Jong <arthur@arthurdejong.org>

Prev by Date: Re: cn=config replication to consumer / slave servers
Next by Date: Re: cn=config replication to consumer / slave servers
Index(es):
- Chronological
- Thread