Ok, well i'm going to start getting this setup soon.
On Monday, June 12, 2017 3:30 PM, Joshua D Doll via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
I don't think PAM is needed at all, but I could be wrong.
Joshua D Doll
On June 12, 2017 4:28:14 PM EDT, Andrew Meyer via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
Correct. So I would skip the adding of the pam module and just create a new pam config
file, right?
On Monday, June 12, 2017 2:54 PM, Joshua D Doll via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
I think you only want the PAM module if you are trying to authenticate your users via
tacacs for Linux. It sounds like you are trying to setup a tacacs server and using FreeIPA
as your user store. In which case you'll want to look at configuring the tacacs
service to talk to FreeIPA's LDAP
Joshua D Doll
On June 12, 2017 12:12:53 PM EDT, Andrew Meyer via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
So this post is having me compile the pam_tacacs. Do I still need to do that if I am
using
shrubbery.net TACACS+?
On Monday, June 12, 2017 10:15 AM, Andrew Meyer via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
Haven't gotten that far yet. Want to set it up.
On Friday, June 9, 2017 6:08 PM, Jake via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
it's a pam module and works the same as others, if you are using hbac you'll need
to create a service for the module
https://serverfault.com/questions/425020/authenticate-linux-sshd-with-tac...
Anything specific you're having issues with?
-Jake
From: "freeipa-users" <freeipa-users(a)lists.fedorahosted.org>
To: "freeipa-users" <freeipa-users(a)lists.fedorahosted.org>
Cc: "Andrew Meyer" <andrewm659(a)yahoo.com>
Sent: Friday, June 9, 2017 10:13:52 AM
Subject: [Freeipa-users]FreeIPA and TACACS+
Has anyone gotten FreeIPA and TACACS+ from
shrubbery.net working?
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
--
Sent from my Android device with K-9 Mail. Please excuse my
brevity._______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
--
Sent from my Android device with K-9 Mail. Please excuse my
brevity._______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org