Re: LDAP auth troubles
In the last episode (Jul 01), Frank Bonnet said: > Hello > > I have a strange problem with a FreeBSD 5.4 NFS client > > I have installed nss_ldap and pam_ldap then configure the > /etc/pam.d/login file as follows : > > # auth > authrequiredpam_nologin.so no_warn > authsufficient pam_self.so no_warn > authsufficient /usr/local/lib/pam_ldap.so > authinclude system You have to add it to all the files in pam.d/*. Even though there's a common "system" file, only "login" and "su" use it, so it doesn't do much good. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
LDAP auth troubles
Hello I have a strange problem with a FreeBSD 5.4 NFS client I have installed nss_ldap and pam_ldap then configure the /etc/pam.d/login file as follows : # # $FreeBSD: src/etc/pam.d/login,v 1.16 2003/06/14 12:35:05 des Exp $ # # PAM configuration for the "login" service # # auth authrequiredpam_nologin.so no_warn authsufficient pam_self.so no_warn authsufficient /usr/local/lib/pam_ldap.so authinclude system # account account requisite pam_securetty.so account include system # session session include system # password passwordinclude system The problem is I can "su - some-ldap-user" as root but I cannot perform a normam login session with this user or I cannot ftp to this machine. I think authentication is not performed but I don't see where I did the mistake, I am not really familiar with PAM so I think I'm wrong somewhere but ... where ? If I "su -" to some user I fall in the homedir of the user but I have no write access to the homedir ... We have a lot of LDAP clients ( Linux and HPUX )that access to the users's homedir thru NFS without problem. Thanks a lot for any help. -- Cordialement/Regards Frank Bonnet ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Use LDAP auth at 5.2.1 ?
Frank Bonnet wrote: Is there some howto to use nss_ldap and pam_ldap at FreeBSD 5.2.1 ? http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_nss_ldap_mini-HOWTO.html cu, Uwe ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Use LDAP auth at 5.2.1 ?
Hi I just installed a 5.2.1 machine I want to use LDAP authentication to login. I've installed nss_ldap and pam_ldap but I need a bit of help as it does not work for now. Is there some howto to use nss_ldap and pam_ldap at FreeBSD 5.2.1 ? Thanks -- Regards/Cordialement, Frank Bonnet ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
LDAP auth
I have a working OpenLDAP server with posix accounts all set up on them for all my users. What I need is: 1: A freshly installed freebsd system with netatalk and samba installed (from the ports collection) to get account info from it and create home directories on itself if the LDAP server says it should be located on it. Mostly I have Mac OS X clients attaching to it via afp and some XP clients. I am using freebsd 5.2. Should I use pam_ldap or what? I cannot find a clear answer as to the best way to do this in the mail archive's. Or a clear way to go about doing it. I just don't want to set up every user on the system. I want all that info to come from the LDAP server. Sam -- Sam Ricchio Fullerton School District [EMAIL PROTECTED] 714-447-7483 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
CHAP-Password & LDAP Auth?
I have installed RADIUS server with LDAP authentication and mySQL accounting. But I have problems with user's who use CHAP password In radius.log, I get message: rlm_ldap: Attribute "User-Password" is required for authentication. Cannot use "CHAP-Password" What is wrong? Have a way for solving this problem? I know that the problem is cuz LDAP use encrypted password in ldb, but have a way for config radius ldap module to work with both of the type password. Any idea? 10x in advanced! To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
Re: FreeBSD & LDAP Auth
My first guess is UW imap requires local accounts and does not use PAM. But I wouldn't know as I haven't had any experience with it. I use courier-imap and it works like a charm. Got postfix/courier working without local users, all under one userid. If you can't figure it out you may want to give that a shot. Cheers Nate - Original Message - From: "Ted Wisniewski" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, July 18, 2002 20:17 Subject: FreeBSD & LDAP Auth > Hi, > > I am having difficulty Authenticating IMAP/POP3 services > vs. and LDAP server under FreeBSD. > > My Environment: > > 4.6-RELEASE-p1 > Openldap 2.0.25 > UW imap-2001a > pam_ldap-150 (from padl.com) > > I have successfully gotten ftp/ssh/telnet to authenticate vs. the LDAP > using the pam_ldap module.. However, the IMAP/POP3 servers will not > not matter what I do to the ldap.conf file. > > Has anyone gotten POP/IMAP serves to authenticate vs. an LDAP on a > similar set up? If so, what (if anything) did you do to get it to work? > Is there anything "special" that I have to put in pam.conf? > > Any help / advice would be greatly appreciated. > > Ted > > -- > | Ted Wisniewski INET: [EMAIL PROTECTED]| > | Information Technology Services [EMAIL PROTECTED] | > | Plymouth State College | > | Plymouth NH, 03264 HTTP: http://oz.plymouth.edu/~ted/ | > > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
FreeBSD & LDAP Auth
Hi, I am having difficulty Authenticating IMAP/POP3 services vs. and LDAP server under FreeBSD. My Environment: 4.6-RELEASE-p1 Openldap 2.0.25 UW imap-2001a pam_ldap-150 (from padl.com) I have successfully gotten ftp/ssh/telnet to authenticate vs. the LDAP using the pam_ldap module.. However, the IMAP/POP3 servers will not not matter what I do to the ldap.conf file. Has anyone gotten POP/IMAP serves to authenticate vs. an LDAP on a similar set up? If so, what (if anything) did you do to get it to work? Is there anything "special" that I have to put in pam.conf? Any help / advice would be greatly appreciated. Ted -- | Ted Wisniewski INET: [EMAIL PROTECTED]| | Information Technology Services [EMAIL PROTECTED] | | Plymouth State College | | Plymouth NH, 03264 HTTP: http://oz.plymouth.edu/~ted/ | To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message