Date: Thu, 16 Oct 2003 09:10:26 +0200 From: Cai Guo Qiang <morpheus00@gmx.net> To: freebsd-isp@freebsd.org Subject: auth ldap pam Message-ID: <D14437FB-FFA7-11D7-9EB3-000393465302@gmx.net>
next in thread | raw e-mail | index | archive | help
hi there, i've got a problem with the authentication of pam using ldap. well, it kind of works, but it seems that all services work not only those, which are configured in pam.d/ . example: i configured pam.d/sshd to use the ldap module and all other services remained unchanged. now it should be possible for a user, who's account is stored in the ldap directory, to log into the system over sshd. this worked, but the same user id could also log in using services such as ftp or http. this should not be possible, because only sshd is supposed to auth against ldap directory. perhaps you have the same problem and can help me. franz some configs: libnss-ldap.conf bzw. pam_ldap.conf: host 192.168.0.1 base dc=test,dc=com ldap_version 3 rootbinddn cn=root,dc=test,dc=com port 389 scope sub nsswitch.conf passwd: files ldap shadow: files ldap group: files ldap pam.d/sshd: auth required pam_ldap.so account required pam_ldap.so password required pam_ldap.so session required pam_ldap.so
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D14437FB-FFA7-11D7-9EB3-000393465302>