On Tue, 17 Apr 2001, Miguel wrote:
> Pablo Trujillo wrote:
> > I need to authenticate alone Imap with ldap and not with the users of the
> > system.How do I disable the users of the system for the imap
> > authentication?.
>
> On your /etc/pam.d/imap file, make sure that the module that is used for ath
> and for account is pam_ldap.so
>
According to pam_ldap.c, there's an option config=, so you should be
able to use a separate ldap configuration for each application's
authentication layer.
However, I don't have any experience with this. I'm just in a similar
boat (wanting sendmail and imap to use their own user ids that don't share
passwords with actual system accounts - besides having accounts for
multiple domains). I still don't know how nss and pam interact here.
The pam_ldap README seems to indicate the pam_ldap module relies on
nss_ldap, but the pam module code seems pretty complete on cursory
inspection.
If anyone can explain how nss and pam interact (or if they can just
conflict), please do. Or provide a pointer to the appropriate FAQ if
this is one.
Thanks,
Lynn
