[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: FW: ppolicy in openldap

Running authconfig should take care of most, if not all of the necessary
config files...You may also find this wiki page on fds helpful:



-----Original Message-----
From: redhat-list-bounces redhat com [mailto:redhat-list-bounces redhat com]
On Behalf Of m roth2006 rcn com
Sent: Tuesday, January 13, 2009 12:04 PM
To: General Red Hat Linux discussion list
Subject: RE: FW: ppolicy in openldap


---- Original message ----
>Date: Tue, 13 Jan 2009 10:04:24 -0600
>From: "Allgood, John" <jallgood ohl com>  
>Thanks for the response.

>I found some rpms for the newer version of ldap from here
>http://staff.telkomsa.net/packages/rhel5/openldap and I just installed
>them. Looks like a lot of changes in this version. We are trying to
>implement and single signon system for our services and thought ldap
>would be a good choice. You mentioned using PAM with ldap can you
>provide me with a little more on that.

Right. *sigh* Wish I'd sent a copy of my instructions that I documented to
myself before I left my last contract.

<Digs into memory>
First, you need to edit nsswitch for passwd and shadow, at least, to point
to ldap then files.

Then you need to edit (or create) an /etc/pam_ldap.conf
There also needs to be an ldap.conf, to point to the openldap server. This
may, or may not, be in /etc/openldap.

Finally, you need to edit /etc/pam.d/system-auth, and insert 
for auth, and account (I think, and password, and *maybe* session, before
the line for pam_unix.so, one for pam_ldap.so

I think that's what you need. I don't guarantee I haven't missed


redhat-list mailing list
unsubscribe mailto:redhat-list-request redhat com?subject=unsubscribe

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]