[prev in list] [next in list] [prev in thread] [next in thread]
List: pamldap
Subject: [pamldap] Additional Info: Configuration files
From: "Oreste Dimaggio" <oreste.dimaggio () epiclink ! it>
Date: 2002-10-16 8:22:50
[Download RAW message or body]
Hi,
this is my /etc/ldap.conf
base dc=intesatrade,dc=it
host itnisp01p.intesatrade.it
uri ldap://itnisp01p.intesatrade.it/
ldap_version 3
binddn cn=proxyuser,dc=intesatrade,dc=it
bindpw test
rootbinddn cn=Manager,dc=intesatrade,dc=it
timelimit 30
bind_timelimit 30
bind_policy hard
idle_timelimit 3600
pam_filter objectclass=account
pam_login_attribute uid
pam_password exop
nss_base_passwd ou=People,dc=intesatrade,dc=it?one
nss_base_shadow ou=People,dc=intesatrade,dc=it?one
nss_base_group ou=Group,dc=intesatrade,dc=it?one
ssl start_tls
This is /etc/pam.conf
login auth sufficient /usr/lib/security/pam_openldap.so.1
login auth required /usr/lib/security/pam_unix.so.1 try_first_pass
login auth required /usr/lib/security/pam_dial_auth.so.1
telnet auth sufficient /usr/lib/security/pam_openldap.so.1
telnet auth required /usr/lib/security/pam_unix.so.1 try_first_pass
rlogin auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
rlogin auth sufficient /usr/lib/security/pam_openldap.so.1
rlogin auth required /usr/lib/security/pam_unix.so.1 try_first_pass
dtlogin auth sufficient /usr/lib/security/pam_openldap.so.1
dtlogin auth required /usr/lib/security/pam_unix.so.1 try_first_pass
rsh auth required /usr/lib/security/pam_rhosts_auth.so.1
other auth sufficient /usr/lib/security/pam_openldap.so.1
other auth required /usr/lib/security/pam_unix.so.1 try_first_pass
#
# Account management
#
login account sufficient /usr/lib/security/pam_openldap.so.1
login account required /usr/lib/security/pam_unix.so.1
dtlogin account sufficient /usr/lib/security/pam_openldap.so.1
dtlogin account required /usr/lib/security/pam_unix.so.1
other account sufficient /usr/lib/security/pam_openldap.so.1
other account required /usr/lib/security/pam_unix.so.1
#
# Session management, not implemented by pam_openldap
#
other session sufficient /usr/lib/security/pam_openldap.so.1
other session required /usr/lib/security/pam_unix.so.1
#
# Password management
#
other password sufficient /usr/lib/security/pam_openldap.so.1
other password required /usr/lib/security/pam_unix.so.1
pam_ldap was compiled with:
./configure --enable-ssl --with-ldap-lib=openldap --with-ldap-dir=/opt/openl
dap2
Well, on the paper, it seems configured as it should be... at least for me.
---
Oreste Dimaggio - System Engineer
Epiclink S.p.a. http://www.epiclink.it
Tel: 0362-1855130 Fax: 0362-1855160
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic