[389-users] Documentation for pam pass
Techie
techchavez at gmail.com
Fri Mar 26 08:14:47 UTC 2010
2010/3/19 Prashanth Sundaram <psundaram at wgen.net>:
> HI,
>
> I think you might just need PTA plugin, unless you want to use a different
> PAM stack for the authentication. Here’s some documentation for PTA.
> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Using_the_Pass_through_Authentication_Plug_in.html
>
> Sun’s documentation gives a good detail.
> http://docs.sun.com/source/817-7613/passthru.html
>
> PAM-PTA:
> http://directory.fedoraproject.org/wiki/Howto:PAM_Pass_Through
>
> I have implemented PAM PTA for authentication against Windows AD using
> kerberos stack.
Hey thanks man.
I have PAM PTA with krb working fine as well..
However..I am trying to pass through to another LDAP server, how can i
go about doing that? The base of the tree on the other LDAP server is
different i want to use it to authenticate the accounts. The other
tree has the equivalent of the uid attribute in a different attribute.
I think my service file (ldapserver) is off. Anyone have PAM PTA to
another LDAP server working? An example perhaps?
I am getting operations errors trying to use PAM PTA. I know the
passwords are correct so I am doing something incorrectly.
pam_passthru-plugin - => pam_passthru_bindpreop
pam_passthru-plugin - pam msg [0] = 1 Password:
pam_passthru-plugin - Error from PAM during pam_authenticate (6:
Permission denied)
pam_passthru-plugin - Unknown PAM error [Permission denied] for user
id [test_user], bind DN [uid=test_user,dc=example,dc=com]
pam_passthru-plugin - <= handled (error 1 - Operations error)
Thanks again
>
> -Prashanth
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
More information about the 389-users
mailing list