Date: Wed, 26 Mar 2003 09:01:52 -0600 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: omestre@freeshell.org Cc: freebsd-hackers@freebsd.org Subject: Re: pam_ldap... Message-ID: <20030326150152.GG33671@madman.celabo.org> In-Reply-To: <20030326124420.388DE10160@ws-tor-0004.procergs> References: <20030326124420.388DE10160@ws-tor-0004.procergs>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 26, 2003 at 09:44:14AM -0300, omestre@freeshell.org wrote: > > Thanks for the answers, but why pam_ldap in FreeBSD, if i > can't authenticate in ldap servers? You _can_ authenticate. Pluggable _Authentication_ Modules (PAM). In the PAM model, authenticating is more or less just the act of confirming a username and password. > Sorry, but i can't understand... The part you are missing is that before you can authenticate, you must have account and authorization information. For UNIX services, this means that e.g. getpwnam() needs to find you. This is the job that NSS does. As you have noted, FreeBSD 5.0's NSS only does files, NIS, and Hesiod. One can mix and match ... users can be managed via NIS (using NSS), while authentication is handled by LDAP (using PAM), for example. i.e. PAM and NSS are two different, orthogonal systems, and any attempt to make assumptions on one based on the other will only result in confusion :-) > You did give me solutions with nis.. nis/gateway... where can > i find a "official" howto? The FreeBSD team do not talk about it. <URL: http://www.padl.com >, perhaps. > The last question? > Why FreeBSD do not support ldap authentication? (nss_ldap) > files, nis, hesiod??? do we live in the past? One of great > things in 5.0 release for me, should be this! :) Wait for FreeBSD 5.1. > Thanks again, and sorry by the english. Your English is easily understood, don't be sorry. But maybe don't use so many multiple-punctuation marks, such as ??? !!! It comes across rudely and I don't think that is what you wished. Cheers, -- Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030326150152.GG33671>