From owner-freebsd-questions@FreeBSD.ORG  Fri Feb 15 02:45:26 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DDD9916A418
	for <freebsd-questions@freebsd.org>;
	Fri, 15 Feb 2008 02:45:26 +0000 (UTC) (envelope-from on@cs.ait.ac.th)
Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16])
	by mx1.freebsd.org (Postfix) with ESMTP id 5511A13C45E
	for <freebsd-questions@freebsd.org>;
	Fri, 15 Feb 2008 02:45:26 +0000 (UTC) (envelope-from on@cs.ait.ac.th)
Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5])
	by mail.cs.ait.ac.th (8.13.1/8.12.11) with ESMTP id m1F2jOXF000282
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Fri, 15 Feb 2008 09:45:24 +0700 (ICT)
Received: (from on@localhost)
	by banyan.cs.ait.ac.th (8.13.6/8.12.11) id m1F2jN6A013811;
	Fri, 15 Feb 2008 09:45:23 +0700 (ICT)
Date: Fri, 15 Feb 2008 09:45:23 +0700 (ICT)
Message-Id: <200802150245.m1F2jN6A013811@banyan.cs.ait.ac.th>
From: Olivier Nicole <on@cs.ait.ac.th>
To: jontheil@gmail.com
In-reply-to: <8f82c35c0802140420w57a1d5dfpd12b86e57efd585d@mail.gmail.com>
	(jontheil@gmail.com)
References: <8f82c35c0802131110l7c678965qe6d0c3432f008254@mail.gmail.com>
	<000301c86ed2$17177560$0200a8c0@satellite>
	<8f82c35c0802140420w57a1d5dfpd12b86e57efd585d@mail.gmail.com>
X-Virus-Scanned: on CSIM by amavisd-milter (http://www.amavis.org/)
Cc: dmehler26@woh.rr.com, freebsd-questions@freebsd.org
Subject: Re: LDAP user authentication?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Feb 2008 02:45:26 -0000

Hi,

>  >I have googled for a very long time, but I haven't found any useful
>  > howto on this issue. Well, there is
>  > http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_nss_ldap_mini-HOWTO.html
>  > but that seems to be a bit confusing an not up-to-date. I guess it
>  > _should_ be possible - and indeed very useful (especially combinde
>  > with Samba PDC and an easily maintainlable mail server). So please, if

I read through the link you gave. My first impression is:

- pam-ldap is used for authentication: allow the user to login to the
  machine

- nss-ldap is used by the system when it needs to resolve things like
  gid<->group name, user home directory, etc.

I will give it a try soon.

Though I am looking one step ahead, how to allow a user to
authenticate to this machine and not that machine, using the same ldap
directory.

Bests,

Olivier