|
FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
openldap for authentication
hi every one i have installed opaenldap24 and i just want that my openldap client should be able to change the password using command passwd and i hve found that it needs pam integration i dont know how to fix this please help me out its very urgent to me........
|
|
|||
ya i did installed pam_lap and ldap.conf
|
|
||||
Should work then... Are you able to query your ldap server with ldapsearch?
__________________
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius -- and a lot of courage -- to move in the opposite direction." |
|
|||
yes i am able to do ldapsearch aswel, but i dont know how user will change its password using passwd and not ldappasswd
|
|
||||
Have you added "ldap" to /etc/nsswitch.conf ?
__________________
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius -- and a lot of courage -- to move in the opposite direction." |
|
|||
This might help
/etc/pam.d/passwd (add this above the pam_unix.so line): password sufficient /usr/local/lib/pam_ldap.so |
|
||||
The fate is interesting thing. Now I need to implement LDAP + SAMBA... I have spent four days by tackling and following different manuals to do this. Unfortunately, I am stuck in the phase where I need to modify the PAM settings so user in LDAP database can authenticate against it.
The problem I think so far is with PAM configuration, because the best result I could obtain is to modify password during logon (!!!). I.e. I enter user name followed by password, but the system prompts me for old password, the new one and to confirm the new password! And this behavior is in loop! Yes, I can query ldap server (slapcat and with getent) and I have installed nss_ldap.conf and ldap.conf files with accompanying secret password files. Also I have made sure that slapd.conf is more or less tuned and provides working server. Interesting stuff is happening with nscd daemon (nsswitch.conf)... I think there is some caching and Andrew Tridgel in his Samba by Example suggests to disable it. The worst is that there is no good information regarding pam + nss and also with ties FreeBSD + SAMBA + LDAP on the internet. Mailing lists, bulletins and devoted sites contain very scattered information and very often seriously outdated. ... Please, point to good resources or demand any config files (listing all of them would occupy lot of space). I feel quite lost and I am not far away to install SME server at least reinstall or packages and settings... System : FreeBSD 7.0-RELEASE, OpenLDAP-2.3, Samba-3.0... + pam_ldap + nss_ldap Last edited by coppermine; 16th July 2008 at 07:33 PM. |
|
|||
Hi coppermine, im looking to do the same thing. At the moment, just get Samba running as a PDC and authenticating against an OpenLDAP server (pam is for local authentication, right?).
As you have said, ive found many tutorials for various linux flavours and mailing list postings. But nothing really related to FreeBSD specifically. I think such a setup guide would be very helpful for FreeBSD users. The closest i have come to a full tutorial is this http://www.opensourcehowto.org/how-t...ba-as-pdc.html I have a openLDAP 2.3 server running that seems to be setup correctly (i can query it etc.) but im having problems getting Samba to authenticate against it. Im just stabbing around in the dark really, using mainly that guide above. Ill play around a bit more and see what i come up with over the next couple of days. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
OpenLDAP and MySQL | PatrickBaer | FreeBSD General | 1 | 4th November 2008 04:44 PM |