Re: LDAP auth troubles

2005-07-01 Thread Dan Nelson
In the last episode (Jul 01), Frank Bonnet said:
> Hello
> 
> I have a strange problem with a FreeBSD 5.4 NFS client
> 
> I have installed nss_ldap and pam_ldap then configure the
> /etc/pam.d/login file as follows :
> 
> # auth
> authrequiredpam_nologin.so  no_warn
> authsufficient  pam_self.so no_warn
> authsufficient  /usr/local/lib/pam_ldap.so
> authinclude system

You have to add it to all the files in pam.d/*.  Even though there's a
common "system" file, only "login" and "su" use it, so it doesn't do
much good.

-- 
Dan Nelson
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


LDAP auth troubles

2005-07-01 Thread Frank Bonnet

Hello

I have a strange problem with a FreeBSD 5.4 NFS client

I have installed nss_ldap and pam_ldap then configure the
/etc/pam.d/login file as follows :

#
# $FreeBSD: src/etc/pam.d/login,v 1.16 2003/06/14 12:35:05 des Exp $
#
# PAM configuration for the "login" service
#

# auth
authrequiredpam_nologin.so  no_warn
authsufficient  pam_self.so no_warn
authsufficient  /usr/local/lib/pam_ldap.so
authinclude system

# account
account requisite   pam_securetty.so
account include system

# session
session include system

# password
passwordinclude system



The problem is I can "su - some-ldap-user" as root but I cannot
perform a normam login session with this user or I cannot ftp
to this machine.
I think authentication is not performed but I don't see where
I did the mistake, I am not really familiar with PAM so I think
I'm wrong somewhere but ... where ?

If I "su -" to some user I fall in the homedir of the user but
I have no write access to the homedir ...

We have a lot of LDAP clients ( Linux and HPUX )that access to the 
users's homedir thru NFS without problem.


Thanks a lot for any help.
--
Cordialement/Regards
Frank Bonnet
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Use LDAP auth at 5.2.1 ?

2004-03-19 Thread Uwe Laverenz
Frank Bonnet wrote:

Is there some howto to use nss_ldap and pam_ldap
at FreeBSD 5.2.1 ?
http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_nss_ldap_mini-HOWTO.html

cu,
Uwe
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Use LDAP auth at 5.2.1 ?

2004-03-18 Thread Frank Bonnet
Hi

I just installed a 5.2.1 machine I want to use LDAP
authentication to login.
I've installed nss_ldap and pam_ldap but I need a bit
of help as it does not work for now.
Is there some howto to use nss_ldap and pam_ldap
at FreeBSD 5.2.1 ?
Thanks
--
Regards/Cordialement,
Frank Bonnet
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


LDAP auth

2004-02-20 Thread Sam Ricchio
I have a working OpenLDAP server with posix accounts all set up on them
for all my users.
What I need is:
1:  A freshly installed freebsd system with netatalk and samba installed
(from the ports collection) to get account  info from it
and create home directories on itself if the LDAP server says it should be
located on it.

Mostly I have Mac OS X clients attaching to it via afp and some XP clients.

I am using freebsd 5.2.  Should I use pam_ldap or what?
I cannot find a clear answer as to the best way to do this in the mail
archive's.
Or a clear way to go about doing it.
I just don't want to set up every user on the system.  I want all that
info to come from the LDAP server.
Sam



-- 
Sam Ricchio
Fullerton School District
[EMAIL PROTECTED]
714-447-7483
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


CHAP-Password & LDAP Auth?

2003-01-29 Thread Hilmi Hilmiev
I have installed RADIUS server with LDAP authentication and mySQL 
accounting. But I have problems with user's who use CHAP password In 
radius.log, I get message:
rlm_ldap: Attribute "User-Password" is required for authentication. 
Cannot use "CHAP-Password"
What is wrong? Have a way for solving this problem? I know that the 
problem is cuz LDAP use encrypted password in ldb, but have a way for 
config radius ldap module to work with both of the type password. Any idea?

10x in advanced!




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message


Re: FreeBSD & LDAP Auth

2002-07-19 Thread Nielsen

My first guess is UW imap requires local accounts and does not use PAM. But
I wouldn't know as I haven't had any experience with it.

I use courier-imap and it works like a charm. Got postfix/courier working
without local users, all under one userid. If you can't figure it out you
may want to give that a shot.

Cheers

Nate

- Original Message -
From: "Ted Wisniewski" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, July 18, 2002 20:17
Subject: FreeBSD & LDAP Auth


> Hi,
>
> I am having difficulty Authenticating IMAP/POP3 services
> vs. and LDAP server under FreeBSD.
>
> My Environment:
>
> 4.6-RELEASE-p1
> Openldap 2.0.25
> UW imap-2001a
> pam_ldap-150 (from padl.com)
>
> I have successfully gotten ftp/ssh/telnet to authenticate vs. the LDAP
> using the pam_ldap module..  However, the IMAP/POP3 servers will not
> not matter what I do to the ldap.conf file.
>
> Has anyone gotten POP/IMAP serves to authenticate vs. an LDAP on a
> similar set up?  If so, what (if anything) did you do to get it to work?
> Is there anything "special" that I have to put in pam.conf?
>
> Any help / advice would be greatly appreciated.
>
> Ted
>
> --
> |   Ted Wisniewski INET:  [EMAIL PROTECTED]|
> |   Information Technology Services [EMAIL PROTECTED] |
> |   Plymouth State College   |
> |   Plymouth NH, 03264   HTTP:  http://oz.plymouth.edu/~ted/ |
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-questions" in the body of the message
>


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message



FreeBSD & LDAP Auth

2002-07-18 Thread Ted Wisniewski

Hi,

I am having difficulty Authenticating IMAP/POP3 services
vs. and LDAP server under FreeBSD.

My Environment:

4.6-RELEASE-p1
Openldap 2.0.25
UW imap-2001a
pam_ldap-150 (from padl.com)

I have successfully gotten ftp/ssh/telnet to authenticate vs. the LDAP
using the pam_ldap module..  However, the IMAP/POP3 servers will not
not matter what I do to the ldap.conf file.

Has anyone gotten POP/IMAP serves to authenticate vs. an LDAP on a
similar set up?  If so, what (if anything) did you do to get it to work?
Is there anything "special" that I have to put in pam.conf?

Any help / advice would be greatly appreciated.

Ted

-- 
|   Ted Wisniewski   INET:  [EMAIL PROTECTED]|
|   Information Technology Services [EMAIL PROTECTED] |
|   Plymouth State College   |
|   Plymouth NH, 03264   HTTP:  http://oz.plymouth.edu/~ted/ |

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message