Archive:Solaris Shell Service

From Tardis
Revision as of 19:10, 9 August 2007 by Bacam (talk | contribs) (argolin)
Jump to: navigation, search

argolin.xen.tardis.ed.ac.uk

  • OpenSSH
  • (Will be) Externally accessible
  • Runs in xen instance on wotan

Configuration

We need to get user information from the LDAP server and authenticate against it. The following set up the basic configuration: 

ldapclient manual -a authenticationMethod=none \
-a defaultSearchBase=dc=tardis,dc=ed,dc=ac,dc=uk \
-a defaultServerList=193.62.81.2 \
-a serviceAuthenticationMethod=pam_ldap:simple

It appears that specifying the server as a host name isn't good enough; not sure why...

You then need to edit /etc/pam.conf to use the pam_ldap module. Entries such as 

other   auth required            pam_unix_auth.so.1

to 

other   auth binding            pam_unix_auth.so.1 server_policy
other   auth required           pam_ldap.so.1

Issues

  • Not mounting homedirs off NFS yet.
Retrieved from ‘https://wiki.tardis.ed.ac.uk/index.php?title=Archive:Solaris_Shell_Service&oldid=2347