ldap pam configuration
bluethundr at gmail.com
Thu Nov 18 00:02:49 UTC 2010
I am running Karmic 9.10 server and need to setup pam to authenticate
Is there an automatic account management tool in ubuntu that is
similar to auth-config under red hat that would allow automatic
configuration of pam to do ldap lookups for it's information?
I followed the pam ldap wiki on the ubuntu site but no dice.
I tried to config my pam modules by hand. Here is an example of how I
went about it with my /etc/pam.d/common-auth file:
auth required pam_group.so use_first_pass
auth sufficient pam_ldap.so
auth required pam_unix.so nullok_secure use_first_pass
#auth [success=2 default=ignore] pam_unix.so nullok_secure
#auth [success=1 default=ignore] pam_ldap.so use_first_pass
# here's the fallback if no module succeeds
auth requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
auth required pam_permit.so
# and here are more per-package modules (the "Additional" block)
# end of pam-auth-update config
I also tried using a script called pam-auth-update
My nsswitch is setup correctly, for example:
passwd files ldap
and I am using getent passwd | grep test account to find a test
account that lives only in LDAP.
I'd appreciate any help you might have on this topic.
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9
Share and enjoy!!
More information about the ubuntu-users