'[pamldap] Additional Info: Configuration files'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pamldap
Subject:    [pamldap] Additional Info: Configuration files
From:       "Oreste Dimaggio" <oreste.dimaggio () epiclink ! it>
Date:       2002-10-16 8:22:50
[Download RAW message or body]

Hi,

this is my /etc/ldap.conf

base dc=intesatrade,dc=it
host itnisp01p.intesatrade.it
uri ldap://itnisp01p.intesatrade.it/
ldap_version 3
binddn cn=proxyuser,dc=intesatrade,dc=it
bindpw test
rootbinddn cn=Manager,dc=intesatrade,dc=it
timelimit 30
bind_timelimit 30
bind_policy hard
idle_timelimit 3600
pam_filter objectclass=account
pam_login_attribute uid
pam_password exop
nss_base_passwd ou=People,dc=intesatrade,dc=it?one
nss_base_shadow ou=People,dc=intesatrade,dc=it?one
nss_base_group  ou=Group,dc=intesatrade,dc=it?one
ssl start_tls

This is /etc/pam.conf

login   auth sufficient /usr/lib/security/pam_openldap.so.1
login   auth required   /usr/lib/security/pam_unix.so.1 try_first_pass
login   auth required   /usr/lib/security/pam_dial_auth.so.1

telnet  auth sufficient /usr/lib/security/pam_openldap.so.1
telnet  auth required   /usr/lib/security/pam_unix.so.1 try_first_pass

rlogin  auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
rlogin  auth sufficient /usr/lib/security/pam_openldap.so.1
rlogin  auth required   /usr/lib/security/pam_unix.so.1 try_first_pass

dtlogin auth sufficient /usr/lib/security/pam_openldap.so.1
dtlogin auth required   /usr/lib/security/pam_unix.so.1 try_first_pass

rsh     auth required   /usr/lib/security/pam_rhosts_auth.so.1

other   auth sufficient /usr/lib/security/pam_openldap.so.1
other   auth required   /usr/lib/security/pam_unix.so.1 try_first_pass
#
# Account management
#
login   account sufficient /usr/lib/security/pam_openldap.so.1
login   account required /usr/lib/security/pam_unix.so.1

dtlogin account sufficient /usr/lib/security/pam_openldap.so.1
dtlogin account required /usr/lib/security/pam_unix.so.1

other   account sufficient /usr/lib/security/pam_openldap.so.1
other   account required /usr/lib/security/pam_unix.so.1
#
# Session management, not implemented by pam_openldap
#
other   session sufficient /usr/lib/security/pam_openldap.so.1
other   session required /usr/lib/security/pam_unix.so.1
#
# Password management
#
other  password sufficient /usr/lib/security/pam_openldap.so.1
other  password required /usr/lib/security/pam_unix.so.1


pam_ldap was compiled with:
./configure --enable-ssl --with-ldap-lib=openldap --with-ldap-dir=/opt/openl
dap2


Well, on the paper, it seems configured as it should be... at least for me.


---
Oreste Dimaggio - System Engineer
Epiclink S.p.a.   http://www.epiclink.it
Tel: 0362-1855130 Fax: 0362-1855160

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic