Difference between revisions of "Archive:Solaris Shell Service"

From Tardis
Jump to: navigation, search
Line 24: Line 24:
other  auth required          pam_ldap.so.1
other  auth required          pam_ldap.so.1
More information on [http://docs.sun.com/app/docs/doc/816-4556/6maort2sp?a=view the Sun directory guide] and the [http://docs.sun.com/app/docs/doc/816-5166/6mbb1kq6e?a=view ldapclient] and [http://docs.sun.com/app/docs/doc/816-5175/6mbba7f2g?a=view pam_ldap] manual pages.
== Issues ==
== Issues ==

Revision as of 21:03, 9 August 2007


  • OpenSSH
  • (Will be) Externally accessible
  • Runs in xen instance on wotan


We need to get user information from the LDAP server and authenticate against it. The following set up the basic configuration:

ldapclient manual -a authenticationMethod=none \
-a defaultSearchBase=dc=tardis,dc=ed,dc=ac,dc=uk \
-a defaultServerList= \
-a serviceAuthenticationMethod=pam_ldap:simple

It appears that specifying the server as a host name isn't good enough; not sure why...

You then need to edit /etc/pam.conf to use the pam_ldap module. Entries such as

other   auth required            pam_unix_auth.so.1


other   auth binding            pam_unix_auth.so.1 server_policy
other   auth required           pam_ldap.so.1

More information on the Sun directory guide and the ldapclient and pam_ldap manual pages.


  • Not mounting homedirs off NFS yet.