Hi Sean, thanks for your reply. The bit I was looking for actually was the radiusd.conf file, which has the correct config for directing authorization to ldap and authentication to pam.
I have just been doing some testing and i was wondering why it wasn't working, after an ldd and truss on the process (I am on solaris8), I noticed that the pam support isn't in here anyway and the truss showed it reading the shadow file. Am I missing something really obvious here, there isn't a pam option for configure that I can see, I hope I am not asking a dumb question here, but how do I build this with PAM support ? It looked like it was checking for pam .h files but i never saw any pam libs being linked in nor can I see pam_sm* functions in the code. Maybe I need a different build or a patch, I pulled down the current 0.81 thanks Mark Sean <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 28/06/2003 23:26 Please respond to [EMAIL PROTECTED] To [EMAIL PROTECTED] cc Subject Re: LDAP+PAM radiusd config You just want the pam piece? this needs to be radiusd, the auth-file(?) parameter piece is broken i think. or at least I didnt get it to work right.. The first part (commented) works but it requires a local user, the second one works without a local user, and you will want to replace the pam_afs.so module with the pam_krb5.so module. [EMAIL PROTECTED] pam.d]# more radiusd #%PAM-1.0 ###works but requires a local user #auth required /lib/security/pam_unix_auth.so shadow nullok #auth required /lib/security/pam_afs.so #auth required /lib/security/pam_nologin.so #account required /lib/security/pam_unix_acct.so #password required /lib/security/pam_cracklib.so #password required /lib/security/pam_unix_password.so shadow nullok use_aut htok #session required /lib/security/pam_unix_session.so ###### auth required /lib/security/pam_mine.so auth required /lib/security/pam_afs.so auth required /lib/security/pam_nologin.so account required /lib/security/pam_permit.so password required /lib/security/pam_permit.so password required /lib/security/pam_permit.so session required /lib/security/pam_permit.so On Sun, 29 Jun 2003, Mark van Kerkwyk wrote: > Hi, does anyone have a working radiusd.conf where both LDAP and PAM are > being used, LDAP for accounts/groups etc and PAM for auth to another > source. > > In my case case I will store all credentials in LDAP but send all auth via > pam_krb5 to our kerberos enrivonment. That way I have no passwords stored > or sent in the clear anywhere also. > > regards > > Mark > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
