Hi,
Could someone confirm my understanding:
1) things like getent(1), getpwnam(3) use:
/etc/nsswitch
/usr/local/etc/nss_ldap.conf
2) things like sshd, with pam_ldap use:
/usr/local/etc/ldap.conf
So if I have different filter in /usr/local/etc/nss_ldap.conf and
/usr/local/etc/ldap.conf
Monday 23 February 2009 10:37:19 Olivier Nicole napisaĆ(a):
> I want the web server to be able to know the users' account stored on
> LDAP, but not provide authentication; so I can have URL's of the form
> http://my.web/~john/index.html for the user john, where john's home
> directory if NFS mounte
Ahhh. Cheeky bastards. You sit around and think "group" for 18 hours
with regard to POSIX Groups. Then it comes time to sit down and configure
"group membership" login restriction. But really, they are entirely
unrelated concepts. It even says in the man page:
"Specifies the distinguish
right!
...from pam_ldap(5):
PAM CONFIGURATION
It is possible to configure some aspects of pam_ldap on a per-service
basis, in the PAM configuration file (this is usually /etc/pam.conf;
for PAM implementations based on Linux-PAM, per-service files in
/etc/pam.d are a
This should be so insanely easy. I'm relatively certain this a
FreeBSD PAM specific issue. From "LDAP system administration [electronic
resource] / Gerald Carter. 1st ed. Beijing ; Sebastopol, CA : O'Reilly,
c2003."
in ldap.conf and nss_ldap.conf
--
# Group to enforce membership of
On 30 Aug, 2004, at 22:16, Konrad Heuer wrote:
On Mon, 30 Aug 2004, Curtis Vaughan wrote:
In order to get centralized logins to work on my Linux Debian
computers
(authenticating of a RedHat Samba server), I have to:
install libnss-ldap libpam-ldap.
Perform some configuration on the of /etc/libnss
On Mon, 30 Aug 2004, Curtis Vaughan wrote:
> In order to get centralized logins to work on my Linux Debian computers
> (authenticating of a RedHat Samba server), I have to:
>
> install libnss-ldap libpam-ldap.
> Perform some configuration on the of /etc/libnss-ldap.conf and
> /etc/pam-ldap.conf f
