[prev in list] [next in list] [prev in thread] [next in thread]
List: nssldap
Subject: Re: [nssldap] Probably simple question ? Synchronizing ldap /etc/shadow
From: Donal Hunt <Donal.Hunt () dcu ! ie>
Date: 2002-12-11 10:48:40
[Download RAW message or body]
Why?
The user's shouldn't exist in the /etc/passwd and /etc/shadow files on
the system.
Unless you're doing something like we do and populate them so lookups on
uid are faster (NDS 5 doesn't index uid so lookups are pretty slow :(
). In our case the shadow password appears as *LDAP* to indicate LDAP
is doing authentication (based on *LK* for locked accounts - you could
put *BLAH* or anything between two "*"s).
Regards
Donal
DCU
Harry Rüter wrote:
>
> Hi,
>
> i'm using pam_ldap/nss_ldap to authenticate
> my users via ldap ...
>
> With my current configuration a change of users password it will change
> the "userPassword"-entry in ldap ..
>
> That's fine and that's what i want, but i would like the entry in
> /etc/shadow
> to be changed too.
>
> Here's my passwd-file from /etc/pam.d :
> ---snipp---
> #%PAM-1.0
> auth sufficient /lib/security/pam_ldap.so debug
> auth required /lib/security/pam_stack.so service=system-auth
> use_first
> account sufficient /lib/security/pam_ldap.so debug
> account required /lib/security/pam_stack.so service=system-auth
> password sufficient /lib/security/pam_ldap.so debug
> password required /lib/security/pam_stack.so service=system-auth
> try_first
> ---snipp---
>
> The users entry in ldap-tree is a "posixaccount".
>
> Can someone tell me what i have to do to implement
> the behaviour i described ?
>
> Greetings Harry
>
> PS.: Sorry if this is a question which is annoying you, because it has been
> asked
> so often before, but i couldn't find the solution in documentation
> ...
>
> --
> +++ GMX - Mail, Messaging & more http://www.gmx.net +++
> NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen!
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic