[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_ldap 0.04 released



Chris ALbone wrote:

>     I have put together a new version of pam_ldap.  It allows for
> authentication against a LDAP Directory.
> 
>     Changes since last version:
>     * a much more friendly config file
>     * supports checking for group membership as  a part of
> authentication

Cool!

>     * suports authentication via passwd comparison.

All this needs is for it to be able to be compared against different
password encryption schemes.

I propose that an additional optional parameter be introduced in
addition to the "passattr" paramter, perhaps called "passtype", with
values (off the top of my head):

cleartext	-	cleartext password.
crypt		-	standard unix password
nthash		-	nt password hash
nsmessage	-	netscape messaging server
.
.
.

This will allow you to validate yourself against a whole host of
systems.

>     I still haven't tried to compile pam_ldap on a solaris box. It has
> been tested on both a linux-pmac machine and an intel /RedHat 5.x
> machine.

How easy is it to remove the restriction that a user must exist in the
password file? I would like to start testing it on a box where dialin
PPP will be authenticated via PAM, and don't want users to have logins
on the box itself.

Regards,
Graham
-- 
-----------------------------------------
graham@vwv.com			"There's a moon
VWV Interactive				over Bourbon Street
						tonight...

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []