[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensolaris-rfe
Subject:    [osol-rfe] Re: Re: Re: Re: Solution to pam_ldap + ssh public keys
From:       Jason King <jason.brian.king () gmail ! com>
Date:       2006-06-30 21:37:46
Message-ID: 29973383.1151728718937.JavaMail.suncom () oss1
[Download RAW message or body]

The fix should be there for Solaris 8,9,10 (as well as Nevada).  I don't have the \
exact patch revisions handy, but it should be in the latest recommended patch bundle \
for each release.  There are two pieces to this though -- the pam_ldap update (in the \
Solaris patch bundles) + you must be running 5.2 Patch 4 (or later) of Sun's \
directory server.

Basically, they added a new LDAP server control in 5.2Patch4 that allows a connection \
to query the status of an entry (expired, locked, time till password change, etc.).  \
The corresponding Solaris patches add support into pam_ldap.so to make use of that \
control if present (if not there, I believe the current behavior will still apply).  
 
This message posted from opensolaris.org
_______________________________________________
opensolaris-rfe mailing list
opensolaris-rfe@opensolaris.org


[prev in list] [next in list] [prev in thread] [next in thread]