HI,
I think you might just need PTA plugin, unless you want to use a different PAM stack for the authentication. Here¹s some documentation for PTA. http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Using_the_Pass_through_ Authentication_Plug_in.html
Sun¹s documentation gives a good detail. http://docs.sun.com/source/817-7613/passthru.html
PAM-PTA: http://directory.fedoraproject.org/wiki/Howto:PAM_Pass_Through
I have implemented PAM PTA for authentication against Windows AD using kerberos stack.
-Prashanth
2010/3/19 Prashanth Sundaram psundaram@wgen.net:
HI,
I think you might just need PTA plugin, unless you want to use a different PAM stack for the authentication. Here’s some documentation for PTA. http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Using_the_Pass_through_...
Sun’s documentation gives a good detail. http://docs.sun.com/source/817-7613/passthru.html
PAM-PTA: http://directory.fedoraproject.org/wiki/Howto:PAM_Pass_Through
I have implemented PAM PTA for authentication against Windows AD using kerberos stack.
Hey thanks man.
I have PAM PTA with krb working fine as well.. However..I am trying to pass through to another LDAP server, how can i go about doing that? The base of the tree on the other LDAP server is different i want to use it to authenticate the accounts. The other tree has the equivalent of the uid attribute in a different attribute. I think my service file (ldapserver) is off. Anyone have PAM PTA to another LDAP server working? An example perhaps? I am getting operations errors trying to use PAM PTA. I know the passwords are correct so I am doing something incorrectly.
pam_passthru-plugin - => pam_passthru_bindpreop pam_passthru-plugin - pam msg [0] = 1 Password: pam_passthru-plugin - Error from PAM during pam_authenticate (6: Permission denied) pam_passthru-plugin - Unknown PAM error [Permission denied] for user id [test_user], bind DN [uid=test_user,dc=example,dc=com] pam_passthru-plugin - <= handled (error 1 - Operations error)
Thanks again
-Prashanth
389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
389-users@lists.fedoraproject.org