From owner-freebsd-questions@FreeBSD.ORG Mon Feb 23 09:37:22 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 04CD71065670 for ; Mon, 23 Feb 2009 09:37:22 +0000 (UTC) (envelope-from on@cs.ait.ac.th) Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16]) by mx1.freebsd.org (Postfix) with ESMTP id 5C0678FC1E for ; Mon, 23 Feb 2009 09:37:21 +0000 (UTC) (envelope-from on@cs.ait.ac.th) Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5]) by mail.cs.ait.ac.th (8.13.1/8.13.1) with ESMTP id n1N9YeGB066518 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 23 Feb 2009 16:34:40 +0700 (ICT) (envelope-from on@banyan.cs.ait.ac.th) Received: (from on@localhost) by banyan.cs.ait.ac.th (8.14.2/8.12.11) id n1N9bJ9l016999; Mon, 23 Feb 2009 16:37:19 +0700 (ICT) Date: Mon, 23 Feb 2009 16:37:19 +0700 (ICT) Message-Id: <200902230937.n1N9bJ9l016999@banyan.cs.ait.ac.th> From: Olivier Nicole To: freebsd-questions@freebsd.org X-Virus-Scanned: on CSIM by amavisd-milter (http://www.amavis.org/) Subject: LDAP pam X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Feb 2009 09:37:22 -0000 Hi, I have a LDAP server, a file server running NFS server and a web server running NFS client. I want the web server to be able to know the users' account stored on LDAP, but not provide authentication; so I can have URL's of the form http://my.web/~john/index.html for the user john, where john's home directory if NFS mounted from the file server, but I don't want john to be able to log onto the web server. Of course certain users will be allowed to log onto the web server. How can this be done with LDAP and PAM. TIA, Olivier