
Re: LDAP authentication with PAM



>>>>> "Turbo" == Turbo Fredriksson <turbo@bayour.com> writes:

    Turbo> Quoting Brian May <bam@debian.org>:
    >> I found documentation on how to set up LDAP PAM based
    >> authentication, in
    Turbo> [...]
    >> - openldap2 in unstable doesn't support SSL which is considered
    >>   essential.
    >> - no mention of how to get Kerberos support going via SASL.

    Turbo> When I did this, I was smart enough to write down all the
    Turbo> steps...  http://www.bayour.com/LDAPv3-HOWTO.html


Question:

In your slapd.conf you have:

# Should not be readable to anyone, and only editable by admin...
       access to attr=mailQuota,trustModel,accessTo
               by dn="<YOUR ADMIN DN>" write
               by dn="uid=ldapadm.+\+realm=<YOUR REALM>" write
               by self read
               by * none


and in pam_ldap.conf you have:

pam_filter objectclass=posixAccount)(|(trustmodel=fullaccess)(accessto=hostname.domainname.com)

but this line seems to require anonymous access to trustmodel and
accessto in order to work. Is there a mistake somewhere here? Or have
I missed something?
-- 
Brian May <bam@debian.org>
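
The interaction this question is about can be modelled offline. The following is an added example, not part of the original message and not pam_ldap or OpenLDAP code. It assumes the PAM module wraps `pam_filter` as `(&(<pam_filter>)(uid=<login>))` and that a filter item on an attribute the searching identity may not search evaluates to Undefined; the entry, the login and all function names are constructed for illustration.

```python
import re

# PAM_FILTER and RESTRICTED are quoted in the message; ENTRY is a constructed sample.
PAM_FILTER = "objectclass=posixAccount)(|(trustmodel=fullaccess)(accessto=hostname.domainname.com)"
RESTRICTED = {"mailquota", "trustmodel", "accessto"}  # attributes under "by * none"
ENTRY = {"objectclass": ["posixaccount"], "uid": ["jdoe"], "trustmodel": ["fullaccess"]}

def compose_filter(pam_filter, login, attr="uid"):
    # Assumption: the client wraps the setting as (&(<pam_filter>)(<attr>=<login>)),
    # which is what balances the parentheses of the quoted value.
    safe = re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), login)
    return "(&(%s)(%s=%s))" % (pam_filter, attr, safe)

def parse(f, i=0):
    """Parse one filter starting at f[i]; supports &, |, ! and equality items."""
    if f[i] != "(":
        raise ValueError("expected '(' at offset %d" % i)
    i += 1
    if f[i] in "&|!":
        op, kids = f[i], []
        i += 1
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        node = (op, kids)
    else:
        end = f.index(")", i)
        attr, value = f[i:end].split("=", 1)
        value = re.sub(r"\\([0-9a-f]{2})", lambda m: chr(int(m.group(1), 16)), value.lower())
        node, i = ("=", attr.lower(), value), end
    if f[i] != ")":
        raise ValueError("expected ')' at offset %d" % i)
    return node, i + 1

def evaluate(node, entry, denied):
    """Return True, False or None (Undefined: searcher may not search the attribute)."""
    if node[0] == "=":
        return None if node[1] in denied else node[2] in entry.get(node[1], [])
    results = [evaluate(kid, entry, denied) for kid in node[1]]
    if node[0] == "!":
        return None if results[0] is None else not results[0]
    decisive = node[0] == "|"            # True decides an OR, False decides an AND
    return decisive if decisive in results else (None if None in results else not decisive)

def user_found(login, entry, denied):
    """An entry is returned only when the whole filter evaluates to True."""
    tree, _ = parse(compose_filter(PAM_FILTER, login))
    return evaluate(tree, entry, denied) is True
```

In this model `user_found("jdoe", ENTRY, RESTRICTED)` is False for a searcher that falls under `by * none`, and `user_found("jdoe", ENTRY, set())` is True for a searcher allowed to search those attributes.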


