Difference between revisions of "Archive:Solaris Shell Service"
From Tardis
(argolin) |
Line 24: | Line 24: | ||
other auth required pam_ldap.so.1 | other auth required pam_ldap.so.1 | ||
</pre> | </pre> | ||
+ | |||
+ | More information on [http://docs.sun.com/app/docs/doc/816-4556/6maort2sp?a=view the Sun directory guide] and the [http://docs.sun.com/app/docs/doc/816-5166/6mbb1kq6e?a=view ldapclient] and [http://docs.sun.com/app/docs/doc/816-5175/6mbba7f2g?a=view pam_ldap] manual pages. | ||
== Issues == | == Issues == |
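Review bot: the added line "More information on [...] manual pages." is a sentence fragment with no verb, so it does not say what the reader should do with the three links. Suggest rewording it to "More information is available in the Sun directory guide and the ldapclient and pam_ldap manual pages.", keeping the link targets as they are.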
Revision as of 20:03, 9 August 2007
argolin.xen.tardis.ed.ac.uk
- OpenSSH
- (Will be) Externally accessible
- Runs in xen instance on wotan
Configuration
We need to get user information from the LDAP server and authenticate against it. The following sets up the basic configuration:
ldapclient manual -a authenticationMethod=none \
    -a defaultSearchBase=dc=tardis,dc=ed,dc=ac,dc=uk \
    -a defaultServerList=193.62.81.2 \
    -a serviceAuthenticationMethod=pam_ldap:simple
It appears that specifying the server as a host name isn't good enough; not sure why...
You then need to edit /etc/pam.conf to use the pam_ldap module. Change entries such as
other auth required pam_unix_auth.so.1
to
other auth binding pam_unix_auth.so.1 server_policy
other auth required pam_ldap.so.1
More information is available in the Sun directory guide and the ldapclient and pam_ldap manual pages.
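One way to check the result of the /etc/pam.conf edit described above, as an added example that is not part of the original page. The helper name check_pam_ldap_stack and the sample file are made up for illustration; the function reports each way a service's auth stack departs from "binding pam_unix_auth.so.1 server_policy" followed by "required pam_ldap.so.1".

```shell
#!/bin/sh
# Added example, not from the original page. check_pam_ldap_stack is a
# hypothetical helper name; the sample file at the bottom is constructed.
# Usage: check_pam_ldap_stack FILE [SERVICE]   (SERVICE defaults to "other")
# Returns 0 when the auth stack matches the layout above, 1 otherwise.
check_pam_ldap_stack() {
    awk -v svc="${2:-other}" '
        function fail(msg) { print svc " auth: " msg; bad = 1 }
        /^[ \t]*#/ || NF < 4      { next }   # comments, blank or short lines
        $1 != svc || $2 != "auth" { next }   # other services or module types
        {
            mod = $4; sub(/^.*\//, "", mod)  # tolerate absolute module paths
            if (mod == "pam_unix_auth.so.1") {
                unix_seen = 1; unix_flag = $3
                for (i = 5; i <= NF; i++) if ($i == "server_policy") policy = 1
            } else if (mod == "pam_ldap.so.1") {
                ldap_seen = 1; ldap_flag = $3; ldap_after_unix = unix_seen
            }
        }
        END {
            if (!unix_seen) { fail("pam_unix_auth.so.1 entry missing") } else {
                if (unix_flag != "binding") fail("pam_unix_auth.so.1 is " unix_flag ", expected binding")
                if (!policy) fail("pam_unix_auth.so.1 lacks server_policy")
            }
            if (!ldap_seen) { fail("pam_ldap.so.1 entry missing") } else {
                if (ldap_flag != "required") fail("pam_ldap.so.1 is " ldap_flag ", expected required")
                if (!ldap_after_unix) fail("pam_ldap.so.1 must come after pam_unix_auth.so.1")
            }
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample: the edited entries from the page, written to a temp file.
sample=$(mktemp)
printf '%s\n' \
    'other auth binding pam_unix_auth.so.1 server_policy' \
    'other auth required pam_ldap.so.1' > "$sample"
check_pam_ldap_stack "$sample" other && echo "other auth: OK"
rm -f "$sample"
```

On the real host, run it against /etc/pam.conf for each service that has its own auth entries (for example login), since "other" only applies to services without one.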
Issues
- Not mounting homedirs off NFS yet.