Date: Tue, 05 Mar 2002 09:50:07 +0100
From: Soeren Schroeder <sch@cybercity.dk>
To: Ted Wisniewski <ted@ness.plymouth.edu>, freebsd-questions@freebsd.org, freebsd-security@freebsd.org
Subject: Re: PAM & LDAP - Pointer anyone?
Message-ID: <5.1.0.14.2.20020305094742.058185d8@mx00.cybercity.dk>
In-Reply-To: <200202270356.g1R3u5u25254@ness.plymouth.edu>

At 22:56 26-02-2002 -0500, Ted Wisniewski wrote:
>I was wondering... Has anyone done this successfully?
>
>I have FreeBSD 4.5, OpenLDAP 2.0.23 & pam_ldap-137
>
>I have LDAP running, and configured where I can successfully authenticate
>FTP sessions. However, when I try to authenticate any other
>service - no go.
>
>I am specifically interested in:
>
>    ssh, telnet, pop3, imap
>
>Since I have been able to do "ftp" I must be doing something correctly.
>
>pam.conf entry (for telnetd):
>
># "telnetd" is for SRA authenticated telnet only. Non-SRA uses 'login'
>telnetd auth required pam_ldap.so try_first_pass
>
>I also have ftpd:
>
>ftpd auth sufficient pam_skey.so
>ftpd auth requisite pam_cleartext_pass_ok.so
>ftpd auth sufficient pam_ldap.so try_first_pass
>
>
>Perhaps I am missing something obvious? If someone has done this and can
>point me in the right direction, it would be much appreciated.

A workaround is installing ypldapd:

http://www.padl.com/ldap-nis_gateway.html

A NIS server on top of LDAP. Works like a charm!

Then all your daemons work out of the box.

We tried PAM LDAP and ditched it.

--
Søren Schrøder - sch@cybercity.dk - PGP-key available on request
"To define recursion, we must first define recursion."

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message