auth ldap pam
From: Cai Guo Qiang (morpheus00_at_gmx.net)
Date: 10/16/03
- Previous message: Adam Maloney: "NIS problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 16 Oct 2003 09:10:26 +0200 To: freebsd-isp@freebsd.org
hi there,
i've got a problem with the authentication of pam using ldap. well, it
kind of works, but it seems that all services work not only those,
which are configured in pam.d/ .
example: i configured pam.d/sshd to use the ldap module and all other
services remained unchanged. now it should be possible
for a user, who's account is stored in the ldap directory, to log into
the system over sshd. this worked, but the same user id could
also log in using services such as ftp or http.
this should not be possible, because only sshd is supposed to auth
against ldap directory.
perhaps you have the same problem and can help me.
franz
some configs:
libnss-ldap.conf bzw. pam_ldap.conf:
host 192.168.0.1
base dc=test,dc=com
ldap_version 3
rootbinddn cn=root,dc=test,dc=com
port 389
scope sub
nsswitch.conf
passwd: files ldap
shadow: files ldap
group: files ldap
pam.d/sshd:
auth required pam_ldap.so
account required pam_ldap.so
password required pam_ldap.so
session required pam_ldap.so
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
- Previous message: Adam Maloney: "NIS problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
