Difference between revisions of "Archive:Solaris Shell Service"
From Tardis
| Line 2: | Line 2: | ||
* OpenSSH | * OpenSSH | ||
* (Will be) Externally accessible | * (Will be) Externally accessible | ||
| − | * Runs in xen instance on [[ | + | * Runs in xen instance on [[WOTAN]] |
== Configuration == | == Configuration == | ||
Revision as of 17:22, 18 March 2010
argolin.xen.tardis.ed.ac.uk
- OpenSSH
- (Will be) Externally accessible
- Runs in xen instance on WOTAN
Configuration
We need to get user information from the LDAP server and authenticate against it. The following set up the basic configuration:
ldapclient manual -a authenticationMethod=none \ -a defaultSearchBase=dc=tardis,dc=ed,dc=ac,dc=uk \ -a defaultServerList=193.62.81.2 \ -a serviceAuthenticationMethod=pam_ldap:simple
It appears that specifying the server as a host name isn't good enough; not sure why...
You then need to edit /etc/pam.conf to use the pam_ldap module. Entries such as
other auth required pam_unix_auth.so.1
to
other auth binding pam_unix_auth.so.1 server_policy other auth required pam_ldap.so.1
More information on the Sun directory guide and the ldapclient and pam_ldap manual pages.
Issues
- Not mounting homedirs off NFS yet.
