Hoe to get uid,gid through PAM
preet $
preet3039 at gmail.com
Thu Aug 25 18:24:57 UTC 2011
Thanks for your reply. But we are ok to use NSS modules to get the uid and
gid. We are looking at configuring NSS to use ldap for these details.
Preet
On Thu, Aug 18, 2011 at 11:32 AM, Jason Gerfen <jason.gerfen at utah.edu>wrote:
> I have a patch you could use that implements additional configuration
> settings to the krb5.conf, provides an optional compile switch for the
> existing pam_krb5 (--with-ldap), and specifically addresses the UID/GID
> mapping of remote users by creating a password-less local account (similar
> to caching mechanisms) for Active Directory/OpenLDAP users.
>
> Of course the necessary POSIX account schema attributes per RFC 2307 (
> http://www.ietf.org/rfc/rfc2307.txt) are required within the directory
> service you wish to use for the UID, GID, HomeDirectory & DefaultShell
> account requirements but it should suit your needs.
>
> Here is the patch: https://github.com/jas-/pam_krb5-ldap
> Here is the original pam_krb5 provided by RedHat:
> https://fedorahosted.org/pam_krb5/
> Here is additional documentation on the project to help with patching,
> compiling, installing and configuring (this might be slightly outdated):
> https://help.ubuntu.com/community/Alternate_Pam_Krb5LDAP_Authentication
>
> Hope that helps some.
> jas
> ________________________________________
> From: pam-list-bounces at redhat.com [pam-list-bounces at redhat.com] On Behalf
> Of preet $ [preet3039 at gmail.com]
> Sent: Thursday, August 18, 2011 9:27 AM
> To: Pluggable Authentication Modules
> Subject: Re: Hoe to get uid,gid through PAM
>
> Thanks for your reply.
>
> Preet
> On Thu, Aug 18, 2011 at 1:38 AM, Thorsten Kukuk <kukuk at suse.de<mailto:
> kukuk at suse.de>> wrote:
> On Wed, Aug 17, preet $ wrote:
>
> > Hello,
> >
> > How do I get the user credentials such as uid, eid, and gid defined
> in
> > various authentication mechanisms such as LDAP etc through PAM. Please
> > provide some info on that.
>
> You will not. PAM does only authenticate an user for you,
> nothing more. What you mean is getpwnam() and similar functions
> handled by NSS modules.
>
> --
> Thorsten Kukuk, Project Manager/Release Manager SLES
> SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
> GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com<mailto:Pam-list at redhat.com>
> https://www.redhat.com/mailman/listinfo/pam-list
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20110825/6f1b0163/attachment.htm>
More information about the Pam-list
mailing list