Re: pam/nss

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Sep 21, Sir Alec wrote:

> Dear Experts,
>  
> I successfully set up an ldap server and some clients can 
> authenticate.
> What I am wondering about is the pam setup:
> I thought that the pam_unix2 module does the usual getXbyY calls using 
> glibc/nss. But unless I specify the pam_ldap module in the pam config. 
> I cannot log in.
>  
> Is there a document describing the layout?

NSS handles getting the struct passwd entry, PAM handles the
authentication. pam_unix2 cannot authenticate LDAP users, since
the NSS plugin for LDAP does not return crypted passwords. So
for this you need the pam_ldap module.

  Thorsten

-- 
Thorsten Kukuk         http://www.suse.de/~kukuk/      kukuk@xxxxxxx
SUSE LINUX Products GmbH       Maxfeldstr. 5       D-90409 Nuernberg
--------------------------------------------------------------------    
Key fingerprint = A368 676B 5E1B 3E46 CFCE  2D97 F8FD 4E23 56C6 FB4B

_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux