Thanks for your reply. But we are ok to use NSS modules to get the uid and gid. We are looking at configuring NSS to use ldap for these details.
On Thu, Aug 18, 2011 at 11:32 AM, Jason Gerfen <jason.gerfen@xxxxxxxx> wrote:
I have a patch you could use that implements additional configuration settings to the krb5.conf, provides an optional compile switch for the existing pam_krb5 (--with-ldap), and specifically addresses the UID/GID mapping of remote users by creating a password-less local account (similar to caching mechanisms) for Active Directory/OpenLDAP users.
Of course the necessary POSIX account schema attributes per RFC 2307 (http://www.ietf.org/rfc/rfc2307.txt) are required within the directory service you wish to use for the UID, GID, HomeDirectory & DefaultShell account requirements but it should suit your needs.
Here is the patch: https://github.com/jas-/pam_krb5-ldap
Here is the original pam_krb5 provided by RedHat: https://fedorahosted.org/pam_krb5/
Here is additional documentation on the project to help with patching, compiling, installing and configuring (this might be slightly outdated): https://help.ubuntu.com/community/Alternate_Pam_Krb5LDAP_Authentication
Hope that helps some.
From: pam-list-bounces@xxxxxxxxxx [pam-list-bounces@xxxxxxxxxx] On Behalf Of preet $ [preet3039@xxxxxxxxx]
Sent: Thursday, August 18, 2011 9:27 AM
To: Pluggable Authentication Modules
Subject: Re: Hoe to get uid,gid through PAM
Thanks for your reply.
PreetOn Thu, Aug 18, 2011 at 1:38 AM, Thorsten Kukuk <kukuk@xxxxxxx<mailto:kukuk@xxxxxxx>> wrote:Pam-list@xxxxxxxxxx<mailto:Pam-list@xxxxxxxxxx>
On Wed, Aug 17, preet $ wrote:
> How do I get the user credentials such as uid, eid, and gid defined in
> various authentication mechanisms such as LDAP etc through PAM. Please
> provide some info on that.
You will not. PAM does only authenticate an user for you,
nothing more. What you mean is getpwnam() and similar functions
handled by NSS modules.
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
Pam-list mailing list
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list