2010/3/19 Prashanth Sundaram psundaram@wgen.net:

HI,

I think you might just need PTA plugin, unless you want to use a different PAM stack for the authentication. Here’s some documentation for PTA. http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Using_the_Pass_through_...

Sun’s documentation gives a good detail. http://docs.sun.com/source/817-7613/passthru.html

PAM-PTA: http://directory.fedoraproject.org/wiki/Howto:PAM_Pass_Through

I have implemented PAM PTA for authentication against Windows AD using kerberos stack.

Hey thanks man.

I have PAM PTA with krb working fine as well.. However..I am trying to pass through to another LDAP server, how can i go about doing that? The base of the tree on the other LDAP server is different i want to use it to authenticate the accounts. The other tree has the equivalent of the uid attribute in a different attribute. I think my service file (ldapserver) is off. Anyone have PAM PTA to another LDAP server working? An example perhaps? I am getting operations errors trying to use PAM PTA. I know the passwords are correct so I am doing something incorrectly.

pam_passthru-plugin - => pam_passthru_bindpreop pam_passthru-plugin - pam msg [0] = 1 Password: pam_passthru-plugin - Error from PAM during pam_authenticate (6: Permission denied) pam_passthru-plugin - Unknown PAM error [Permission denied] for user id [test_user], bind DN [uid=test_user,dc=example,dc=com] pam_passthru-plugin - <= handled (error 1 - Operations error)

Thanks again

-Prashanth

389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users