On Thu, Apr 21, 2011 at 12:13 AM, <[email protected]> wrote:
> which PAM entries in /etc/pam.conf would be used for smartcard
> selfregistration ?
The PAM service name used by the self-registration application is
'utselfreg'. This should be explained in a manpage, but I don't see
it. That's a bug.
On Linux SRSS should define an explicit PAM configuration for that
service. On Solaris SRSS does not define an explicit configuration, so
the PAM configuration for the default 'other' service will be used.
You can create your own 'utselfreg' configuration if the 'other' one is
unsuitable.
> is there any other daemon involved than utauthd ?
authd does not participate in self-registration, other than being a
distant ancestor of the application that performs the authentication
and registers the card.
> Does utauthd know what to do with LDAP based smartcard
selfregistration?
authd does not know or care about how self-registration authentication
is performed. The application that does the registration does not know
or care about LDAP, it simply invokes PAM which then executes whatever
PAM authentication modules are configured. If the PAM configuration
says to consult LDAP then that's what should happen.
OttoM.
__
Disclaimer: I am employed by Oracle. The statements and opinions
expressed here are my own and do not necessarily represent those
of Oracle Corporation.
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
