Date: Mon, 15 Jul 2013 11:54:16 -0700 From: Michael Loftis <mloftis@wgops.com> To: Daniel Eischen <deischen@freebsd.org> Cc: freebsd-stable <freebsd-stable@freebsd.org> Subject: Re: LDAP authentication confusion Message-ID: <CAHDg04v8xV-yaCXDzSbOzWEvHRMhDy8x0A=B2eho4iK4b1UuJA@mail.gmail.com> In-Reply-To: <Pine.GSO.4.64.1307151438370.8901@sea.ntplx.net> References: <Pine.GSO.4.64.1307151438370.8901@sea.ntplx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
nss_ldap fulfills most of the get*ent calls, thus based on the bits of your configuration you've exposed I think you're ending up with that behavior and not using pam_ldap at all. Instead the authentication is happening via nsswitch fulfilling getpwent() call's (the passwd: files ldap line in nsswitch.conf) On Mon, Jul 15, 2013 at 11:51 AM, Daniel Eischen <deischen@freebsd.org> wrote: > There's an article on LDAP authentication on FreeBSD here: > > http://www.freebsd.org/doc/en/articles/ldap-auth/article.html#client > > I'm confused as to why pam_ldap and nss_ldap do not need > /etc/pam.d entries, as described in the above link in > section 3.1.1. Meaning, I do not have any ldap entries > in my /etc/pam.d/ or even /usr/local/etc/pam.d/ and > ldap logins work (console, ssh, telnet, ftp). > > $ grep -i ldap /etc/pam.d/* > $ grep -i ldap /usr/local/etc/pam.d/* > > What am I missing? > > $ uname -v > FreeBSD slrtr1 9.1-STABLE FreeBSD 9.1-STABLE #0 r250347... > $ uname -m > amd64 > $ cat /etc/nsswitch.conf > group: files ldap > hosts: files dns > networks: files > passwd: files ldap > shells: files > services: files > protocols: files > rpc: files > > -- > DE > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" -- "Genius might be described as a supreme capacity for getting its possessors into trouble of all kinds." -- Samuel Butler
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHDg04v8xV-yaCXDzSbOzWEvHRMhDy8x0A=B2eho4iK4b1UuJA>