From owner-freebsd-questions Wed Aug 4 7:29:20 1999 Delivered-To: freebsd-questions@freebsd.org Received: from voyager.fisicc-ufm.edu (ip-46-094.guate.net [200.12.46.94]) by hub.freebsd.org (Postfix) with ESMTP id 3CF1715153 for ; Wed, 4 Aug 1999 07:28:50 -0700 (PDT) (envelope-from obonilla@voyager.fisicc-ufm.edu) Received: (from obonilla@localhost) by voyager.fisicc-ufm.edu (8.9.3/8.9.3) id TAA03079; Tue, 3 Aug 1999 19:06:44 -0600 (CST) (envelope-from obonilla) Date: Tue, 3 Aug 1999 19:06:44 -0600 From: Oscar Bonilla To: Gregory Carvalho Cc: Hans-Christoph Steiner , Oscar Bonilla , freebsd-questions@FreeBSD.ORG Subject: Re: PAM documentation Message-ID: <19990803190644.C2962@fisicc-ufm.edu> References: <37A11B5C.4B0FCBA1@stcinc.com> <19990730084657.A611@fisicc-ufm.edu> <199908032142.RAA01931@yaga.razorfish.com> <37A76ADC.667E4E86@stcinc.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.6i In-Reply-To: <37A76ADC.667E4E86@stcinc.com>; from Gregory Carvalho on Tue, Aug 03, 1999 at 03:19:08PM -0700 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Aug 03, 1999 at 03:19:08PM -0700, Gregory Carvalho wrote: > I am extremely interested in leveraging PAM to use LDAP for user > authentication, and LDAP for other services as well. PADL Software > (http://www.padl.com/) has developed pam_ldap and nss_ldap. I have not > used LDAP on FreeBSD. Has anyone used these on FreeBSD 3.2 Release or > later? > The pam_ldap module compiles and installs (with minor tweaks) in FreeBSD. The problem is that since FreeBSD lacks a Name Service Switch (NSS) the PAM module authenticates the user but leaves him with no UID to username, etc. mappings whatsoever. We need to have a way to tell all of the get*ent functions in the C library to get their info from something besides files (LDAP would be great). I've started work on porting the NSS implementation from NetBSD to FreeBSD. I've "imported" the nsdispatch function to the C library but have not started making the get*ent functions aware of the new nsdispatch function. I'm still studying the code and gathering opinions on the best way to do it. There are some concerns about the ability to still make static executables (for stuff like /stand and /sbin) which apparently Solaris lacks. Other concerns are about having a dynamic load system a la libpam to be able to further add nss modules without having to mess with the C library. You're welcome to help :) Regards, -Oscar -- For PGP Public Key: finger obonilla@fisicc-ufm.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message