12-27-2012
Well, ssh can definitely use PAM if it is properly configured, and PAM can use external/remote databases like LDAP. So, it is not so much an ssh question as a PAM one.
LDAP Authentication HOWTO
7 More Discussions You Might Find Interesting
1. Linux
Dear All,
How to configure a Redhat 9 client to windows 2003 server. I have windows 2003 server which act has domain controller in my office. I have been asked to use redhat 9 has client. how to configure so that redhat 9 can authenticate with windows 2003 server .I have username created in... (0 Replies)
Discussion started by: solaris8in
0 Replies
2. Solaris
Hello all,
I heard that we can use Solaris to authenticate user with Active Directory. However, I do not see the point why we need to do that?? what's the benefit to authenticate user with Active Directory???
Example,
I have Solaris and I limited only 10 users can access Solaris production... (1 Reply)
Discussion started by: Smith
1 Replies
3. Solaris
Hello everybody .. i want connect with smbclient to an windows server 2003 with active directory. Exist a version of samba that can do this?
Thank you very much for your time.
Good Luck :b: (3 Replies)
Discussion started by: enkei17
3 Replies
4. SCO
Hi all.
I'm having real trouble authenticating users against active directory for my SCO UnixWare 7.1.4 box running samba 3.0.24 (installed via Maintenance pack 4). I can list AD users/groups (after overcoming several hiccups) with wbinfo -g / wbinfo -u. I can use id to get a view an ad user ie:... (0 Replies)
Discussion started by: silk600
0 Replies
5. Red Hat
Hi All,
I am a newb in this forums. I am a Linux admin and I hope I will get the solution here.
In my company I have setup AD and I can authenticate the windows machines using this AD, also able to apply policy.
Now I have installed some Linux machines but I can't able to authenticate via... (6 Replies)
Discussion started by: sahabcse
6 Replies
6. Solaris
Hi All, We are using solaris samba server for our company project to provide access to code to our development team.Recently our ICT has disabled wins service on Active directory due which user are not able to connect to samba share and they are getting error "No logon server available" as samba... (2 Replies)
Discussion started by: sahil_shine
2 Replies
7. HP-UX
The situation: i have a AD server with samba4,all clients
ssh-kerberos works fine,except hpux :p wich works
only for few days..then i must re-export(sic!) the keys with
samba-tool domain exportkeytab 11.keytab --principal=host/hpux.fqdn
Why after few days ssh return error "server not found... (1 Reply)
Discussion started by: Linusolaradm1
1 Replies
LEARN ABOUT LINUX
pam_ldap
pam_ldap(8) System Manager's Manual pam_ldap(8)
NAME
pam_ldap - PAM module for LDAP-based authentication
SYNOPSIS
pam_ldap.so [...]
DESCRIPTION
This is a PAM module that uses an LDAP server to verify user access rights and credentials.
OPTIONS
use_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and not prompt the user for a pass-
word.
try_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and if that fails prompt the user
for a password.
nullok Specifying this option allows users to log in with a blank password. Normally logins without a password are denied.
ignore_unknown_user
Specifies that the PAM module should return PAM_IGNORE for users that are not present in the LDAP directory. This causes the PAM
framework to ignore this module.
ignore_authinfo_unavail
Specifies that the PAM module should return PAM_IGNORE if it cannot contact the LDAP server. This causes the PAM framework to ig-
nore this module.
no_warn
Specifies that warning messages should not be propagated to the PAM application.
use_authtok
This causes the PAM module to use the earlier provided password when changing the password. The module will not prompt the user for
a new password (it is analogous to use_first_pass).
debug This option causes the PAM module to log debugging information to syslog(3).
minimum_uid=UID
This option causes the PAM module to ignore the user if the user id is lower than the specified value. This can be used to bypass
LDAP checks for system users (e.g. by setting it to 1000).
MODULE SERVICES PROVIDED
All services are provided by this module but currently sessions changes are not implemented in the nslcd daemon.
FILES
/etc/pam.conf
the main PAM configuration file
/etc/nslcd.conf
The configuration file for the nslcd daemon (see nslcd.conf(5))
SEE ALSO
pam.conf(5), nslcd(8), nslcd.conf(5)
AUTHOR
This manual was written by Arthur de Jong <arthur@arthurdejong.org>.
Version 0.8.10 Jun 2012 pam_ldap(8)