[K12OSN] Join a smbldap server with a linux machine
Jesper Berth
big at santaz.dk
Sat Aug 13 21:43:52 UTC 2005
I am trying to make a login from a Fedora first just to learn how that
is done using authconfig
but i am in a doubt if i should use LDAP or WINBIND as userinformation
and what kind of aproval i should use MD5, SHADOW, LDAP, KERBEROS, SMB
or WINBIND
Jesper
cliebow at downeast.net wrote:
>If you are authing to a smbldap doamin you nedd to have /etc/ldap.conf
>right on the gentoo box..if it is at all like redhat..chuck
>
>
>
>>David Trask wrote:
>>
>>
>>
>>>"Support list for opensource software in schools." <k12osn at redhat.com> on
>>>Thursday, August 4, 2005 at 6:39 PM +0000 wrote:
>>>
>>>
>>>
>>>
>>>>I want to login from a linux machine too, a gentoo box
>>>>
>>>>
>>>>
>>>>
>>>Have fun...since there's nothing like authconfig (a fedora/rh tool) for
>>>gentoo....you have to do it all by hand
>>>
>>>Maybe something like this will help:
>>>
>>>If you don't rely on 'authconfig', you can edit your
>>>/etc/pam.d/system-auth by hand, to have something like the following:
>>>
>>>#%PAM-1.0
>>># This file is auto-generated.
>>># User changes will be destroyed the next time authconfig is run.
>>>auth required /lib/security/pam_env.so
>>>auth sufficient /lib/security/pam_unix.so likeauth nullok
>>>auth sufficient /lib/security/pam_ldap.so use_first_pass
>>>auth required /lib/security/pam_deny.so
>>>
>>>account required /lib/security/pam_unix.so
>>>account sufficient /lib/security/pam_ldap.so
>>>
>>>password required /lib/security/pam_cracklib.so retry=3 type=
>>>password sufficient /lib/security/pam_unix.so nullok use_authtok md5
>>>shadow
>>>password sufficient /lib/security/pam_ldap.so use_authtok
>>>password required /lib/security/pam_deny.so
>>>
>>>session required /lib/security/pam_limits.so
>>>session required /lib/security/pam_unix.so
>>>session optional /lib/security/pam_ldap.so
>>>
>>>Warning: a special attention must be taken about the account sufficient
>>>parameters as it seems RedHat authconfig tools place it as 'required' in
>>>any case (which is not the way you'll need)
>>>
>>>
>>>
>>>David N. Trask
>>>Technology Teacher/Coordinator
>>>Vassalboro Community School
>>>dtrask at vcsvikings.org
>>>(207)923-3100
>>>
>>>_______________________________________________
>>>K12OSN mailing list
>>>K12OSN at redhat.com
>>>https://www.redhat.com/mailman/listinfo/k12osn
>>>For more info see <http://www.k12os.org>
>>>
>>>
>>>
>>>
>>Okay it seems a little tough i found some help at the gentoo forums i'll
>>just have to play with it this week ... Thanks
>>
>>Jesper Berth
>>
>>_______________________________________________
>>K12OSN mailing list
>>K12OSN at redhat.com
>>https://www.redhat.com/mailman/listinfo/k12osn
>>For more info see <http://www.k12os.org>
>>
>>
>>
>
>
>---------------------------------------------
>This message was sent from Downeast.Net.
>http://ellsworthme.com/
>
>
>_______________________________________________
>K12OSN mailing list
>K12OSN at redhat.com
>https://www.redhat.com/mailman/listinfo/k12osn
>For more info see <http://www.k12os.org>
>
>
More information about the K12OSN
mailing list