[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_ldap 0.04 released

Chris ALbone wrote:

>     I have put together a new version of pam_ldap.  It allows for
> authentication against a LDAP Directory.
>     Changes since last version:
>     * a much more friendly config file
>     * supports checking for group membership as  a part of
> authentication


>     * suports authentication via passwd comparison.

All this needs is for it to be able to be compared against different
password encryption schemes.

I propose that an additional optional parameter be introduced in
addition to the "passattr" paramter, perhaps called "passtype", with
values (off the top of my head):

cleartext	-	cleartext password.
crypt		-	standard unix password
nthash		-	nt password hash
nsmessage	-	netscape messaging server

This will allow you to validate yourself against a whole host of

>     I still haven't tried to compile pam_ldap on a solaris box. It has
> been tested on both a linux-pmac machine and an intel /RedHat 5.x
> machine.

How easy is it to remove the restriction that a user must exist in the
password file? I would like to start testing it on a box where dialin
PPP will be authenticated via PAM, and don't want users to have logins
on the box itself.

graham@vwv.com			"There's a moon
VWV Interactive				over Bourbon Street

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []