I did look at the package briefly but didn't use them. RedHat 8 comes with the necessary packages prebuilt. I decided to start with those and see how far I can get. I'll check out that link in a bit. I've had a few other's respond with solutions. My thanks to everyone :-) Quoting Justin Zygmont <jzygmont@solarflow.dyndns.org>: > there's a way around that problem: > > http://www.openldap.org/lists/openldap-software/200010/msg00097.html > > which is why I had wondered how some other pam files should be setup, > like > samba. Did you see the pam examples in the nss-ldap package? > > > On Mon, 24 Feb 2003, sentinel wrote: > > > Everything else? You mean besides ssh? Well.. I'm definitely not an > > expert in PAM nor Ldap. I've been working hard core with it the last > month > > and learned a great deal (we're implementing ldap for single source > sign > > on). We plan on using it for much more including Apache > authentication, > > address book management and so on. Other services such as login seem > to > > work fine with ldap setup this way. I haven't tried many beyond login, > ssh > > and apache (with ldap authentication). > > > > Something I'm unhappy about ldap and authentication is a lack of > > flexability. When ldap is unavailable then local files are not > queried. > > It's really weird. I have my nsswitch.conf setup to check local files > first > > then ldap. You would think I can still login with local user accounts > > regardless of my ldap status. Nope. Someone in the redhat list > mentioned > > it was a bug with nss_ldap. ::sigh:: > > > > To resolve this problem I'm setting up 3 ldap servers :-) Just in > case. > > Otherwise I'm thrilled over our solution. Now if we could only resolve > the > > pam_mkhomedir problem with ssh running privsep :-) > > > > One thing at a time ::grinz:: > > > > > > > > Quoting Justin Zygmont <jzygmont@solarflow.dyndns.org>: > > > > > oh, that. what about everything else though, there are examples > from > > > the > > > nss-ldap package but I noticed some of them don't even work. Time > to > > > read > > > up on pam:) > > > > > > > > > On Mon, 24 Feb 2003, sentinel wrote: > > > > > > > I have an ldap server and clients running redhat 8.0. Authconfig > > > modified > > > > the pam files when I enabled ldap authentication. Actually it > didn't > > > modify > > > > sshd however system-auth was modified with the ldap entries. > > > > > > > > > > > > > > > > Quoting Justin Zygmont <jzygmont@solarflow.dyndns.org>: > > > > > > > > > not the pam files. > > > > > > > > > _______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
