From owner-freebsd-questions@FreeBSD.ORG Fri Jul 11 00:10:48 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C30A5106564A for ; Fri, 11 Jul 2008 00:10:48 +0000 (UTC) (envelope-from tajudd@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.182]) by mx1.freebsd.org (Postfix) with ESMTP id 948628FC22 for ; Fri, 11 Jul 2008 00:10:48 +0000 (UTC) (envelope-from tajudd@gmail.com) Received: by wa-out-1112.google.com with SMTP id j4so1996713wah.3 for ; Thu, 10 Jul 2008 17:10:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=gZekPk+els6GlFVnidNyM3paPfaFcgk8WtL3/spwmwQ=; b=ZFRV9r83MXDmVSB1Y8bUhX+WchCeTUvUx+2kNI5JrP1FsKnwoNOZShxtKMl//asTwv kH1RUT6euXHR9ZvjJaqjeHUNtHcJe9U5QwBeigAn/sGQN5Zz26X2LO/Tmm3zyiSxvi8r 1X/PVrO0nUtkxrJcrBBFPsN+6Bs0Scf+nr090= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=UJLXp3O+tIuj1FhjFa2shavOaFhfqYX1NXNqXhXHrTyooi6wAuhLNcmlTQ2dWXZNuV D/e+Uar7UCZkSrhAhXu3jL4ENjXioklVJKPTVRPh5HnjcNAXP/UvPd6dLTleesxJDZBa OJreXAaZdEq5ejmaWp70Mdpfutu9d9AI9Nk4o= Received: by 10.114.184.9 with SMTP id h9mr9209323waf.151.1215734619899; Thu, 10 Jul 2008 17:03:39 -0700 (PDT) Received: from tim-judds-mac-mini.local ( [76.113.34.1]) by mx.google.com with ESMTPS id 28sm898819wfd.4.2008.07.10.17.03.08 (version=SSLv3 cipher=RC4-MD5); Thu, 10 Jul 2008 17:03:39 -0700 (PDT) Message-ID: <4876A338.2010502@gmail.com> Date: Thu, 10 Jul 2008 18:03:04 -0600 From: Tim Judd User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: sgmayo@mail.bloomfield.k12.mo.us References: <2714.204.184.27.217.1215704516.squirrel@mail.bloomfield.k12.mo.us> In-Reply-To: <2714.204.184.27.217.1215704516.squirrel@mail.bloomfield.k12.mo.us> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "freebsd-questions@freebsd.org" , members@mlug.missouri.edu Subject: Re: Ldap NSS PAM Samba X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2008 00:10:48 -0000 sgmayo@mail.bloomfield.k12.mo.us wrote: > I am trying to setup a FreeBSD server with samba that uses OpenLdap. I > have installed everything and was doing some configuring. I set this all > up once before on a Linux box, but I basically just went through the > motions and really was not sure what all I did...but it worked. Now I > want to understand everything so that I know exactly what all I did. :) > > I have the following: > I installed OpenLdap which put ldap.conf in /usr/local/etc/openldap. > I installed PAM which put ldap.conf.dist in /usr/local/etc. > I installed NSS which put nss_ldap.conf in /usr/local/etc. > > >From looking at them I assume that the last two are the same file and one > of them just needs to be renamed to ldap.conf and configured for PAM and > NSS, is that correct? > > The ldap.conf in /usr/local/etc/openldap is a different config file even > though it has the same name? It is used for openldap and the other is > used for PAM and NSS? > > Thanks for any info. > > openldap/ldap.conf is the OpenLDAP client configuration. You're likely looking for the LDAP server configuration, openldap/slapd.conf etc/ldap.conf is for PAM, and etc/nss_ldap.conf are not to be merged. I've played ***VERY*** briefly with LDAP authentication through PAM and NSS, and both were required. I can't quote easily what the difference between NSS and PAM is, but all the docs I referenced from Google when I searched said I needed both.