Archive:Solaris Shell Service

From Tardis
Jump to: navigation, search
This page is out of date and needs rewriting.
The content is likely to be incomplete or incorrect.
This service does not currently exist if you would like to reinstate it please contact us. The following information should be for historical interest only.

argolin.xen.tardis.ed.ac.uk

  • OpenSSH
  • (Will be) Externally accessible
  • Runs in xen instance on WOTAN

Configuration

We need to get user information from the LDAP server and authenticate against it. The following set up the basic configuration:

ldapclient manual -a authenticationMethod=none \
-a defaultSearchBase=dc=tardis,dc=ed,dc=ac,dc=uk \
-a defaultServerList=193.62.81.2 \
-a serviceAuthenticationMethod=pam_ldap:simple

It appears that specifying the server as a host name isn't good enough; not sure why...

You then need to edit /etc/pam.conf to use the pam_ldap module. Entries such as

other   auth required            pam_unix_auth.so.1

to

other   auth binding            pam_unix_auth.so.1 server_policy
other   auth required           pam_ldap.so.1

More information on the Sun directory guide and the ldapclient and pam_ldap manual pages.

Issues

  • Not mounting homedirs off NFS yet.