Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 1 Oct 2004 10:31:16 +0100
From:      Dick Davies <rasputnik@hellooperator.net>
To:        Bret Walker <bret-walker@northwestern.edu>
Cc:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Re: Pam_ldap
Message-ID:  <20041001093116.GB26679@lb.tenfour>
In-Reply-To: <00bd01c4a745$348c79e0$b1336981@medill.northwestern.edu>
References:  <00bd01c4a745$348c79e0$b1336981@medill.northwestern.edu>

next in thread | previous in thread | raw e-mail | index | archive | help
* Bret Walker <bret-walker@northwestern.edu> [1028 00:28]:
> I've been trying all day to get pam_ldap to authenticate an ssh session
> against Active Directory.  I thought that I had found the perfect HOWTO
> (read: one that didn't require nss_ldap), but its instructions didn't seem
> to get it working on my system.
>=20
> I've read that can authenticate to AD with pam_ldap alone, and I've read
> that you can't, as well.  Does anyone have any experience doing this w/o
> nss_ldap.  I'm running 4.10, and I don't think it has support for
> nss_ldap.
>=20
> If anyone has any advice, I'd love to hear it.

You're not going to need nss_ldap if you just want to validate a password.
But it sounds a bit odd to have existing users in /etc/passwd and only have
the password itself from AD - and if the users don't exist in /etc/passwd
the system won't be able to log them in.

What was the howto you used?


--=20
I think it is true for all _=08n. I was just playing it safe with _=08n >=
=3D 3
because I couldn't remember the proof.
		-- Baker, Pure Math 351a
Rasputin :: Jack of All Trades - Master of Nuns



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041001093116.GB26679>