ldap pam configuration

bluethundr bluethundr at gmail.com
Thu Nov 18 00:02:49 UTC 2010


Hello list!

 I am running Karmic 9.10 server and need to set up pam to authenticate
against LDAP.

 Is there an automatic account management tool in Ubuntu that is
similar to auth-config under Red Hat that would allow automatic
configuration of pam to do ldap lookups for its information?

 I followed the pam ldap wiki on the Ubuntu site but no dice.

 I tried to config my pam modules by hand. Here is an example of how I
went about it with my /etc/pam.d/common-auth file:

auth    required        pam_group.so use_first_pass
auth    sufficient      pam_ldap.so
auth    required        pam_unix.so nullok_secure use_first_pass
#auth	[success=2 default=ignore]	pam_unix.so nullok_secure
#auth	[success=1 default=ignore]	pam_ldap.so use_first_pass
# here's the fallback if no module succeeds
auth	requisite			pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
auth	required			pam_permit.so
# and here are more per-package modules (the "Additional" block)
# end of pam-auth-update config


I also tried using a script called pam-auth-update.

My nsswitch is set up correctly, for example:

passwd files ldap

 and I am using getent passwd | grep test account to find a test
account that lives only in LDAP.


I'd appreciate any help you might have on this topic.

thanks


-- 
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9

Share and enjoy!!
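
Added example (not part of the original post, and not libpam's own code): a simplified Python model of how the control fields in the two stacks quoted in the message are evaluated, run against constructed module outcomes. The names HAND_EDITED and STOCK_JUMPS, the outcome tables, and pam_group returning "ignore" in the auth stack are assumptions; module arguments such as use_first_pass are not modelled.

```python
# Simplified model of libpam control-flag evaluation; outcomes are caller-supplied.
SHORTHAND = {
    "required":   {"success": "ok",   "ignore": "ignore", "default": "bad"},
    "requisite":  {"success": "ok",   "ignore": "ignore", "default": "die"},
    "sufficient": {"success": "done", "default": "ignore"},
}

def parse_control(ctl):
    """Turn 'required' or '[success=2 default=ignore]' into an action map."""
    if ctl.startswith("["):
        return dict(kv.split("=") for kv in ctl.strip("[]").split())
    return SHORTHAND[ctl]

def evaluate(stack, outcome):
    """stack: [(control, module)]; outcome: module -> 'success'|'fail'|'ignore'."""
    state, skip = None, 0            # None: no module has set a result yet
    for ctl, module in stack:
        if skip:                     # still inside a [success=N] jump
            skip -= 1
            continue
        actions = parse_control(ctl)
        action = actions.get(outcome[module], actions["default"])
        if action.isdigit():         # jump over N modules, result left untouched
            skip = int(action)
        elif action in ("ok", "done"):
            if state is None:        # a success never overrides an earlier failure
                state = True
            if action == "done" and state:
                return True          # 'sufficient' ends the stack here
        elif action in ("bad", "die"):
            state = False
            if action == "die":
                return False         # 'requisite' failure ends the stack here
    return state is True             # an unset result counts as an error

# Active lines of the posted common-auth, then its commented-out jump lines.
TAIL = [("requisite", "pam_deny"), ("required", "pam_permit")]
HAND_EDITED = [("required", "pam_group"), ("sufficient", "pam_ldap"),
               ("required", "pam_unix")] + TAIL
STOCK_JUMPS = [("[success=2 default=ignore]", "pam_unix"),
               ("[success=1 default=ignore]", "pam_ldap")] + TAIL
# Constructed outcomes (assumed, not captured from a real system).
BASE = {"pam_group": "ignore", "pam_deny": "fail", "pam_permit": "success"}
LOCAL_USER = dict(BASE, pam_unix="success", pam_ldap="fail")
LDAP_USER = dict(BASE, pam_unix="fail", pam_ldap="success")
BAD_PASSWORD = dict(BASE, pam_unix="fail", pam_ldap="fail")
if __name__ == "__main__":
    for who, oc in (("local", LOCAL_USER), ("ldap", LDAP_USER), ("bad pw", BAD_PASSWORD)):
        print(who, evaluate(HAND_EDITED, oc), evaluate(STOCK_JUMPS, oc))
```

Under these assumed outcomes the hand-edited stack rejects a correct local password, because the requisite pam_deny.so line is always reached once pam_ldap.so has not ended the stack, while the jump form skips pam_deny.so on either success.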