I think I understand, you can do this for most services, including system login, ssh, etc... using PAM modules. In my case (not your case), I need to allow auth to local service as well as AD, so in my /etc/pam.d/common-account (note: your PAM structure may be different) and common-auth, I have (example is from common-account):
You could do something similar with pam_ldap. With regards to AD, you need to decide how you are doing that and whether or not you want to use winbind (which is what I use). There's a lot to PAM, it's very powerful, you may want read up on it first. I'm sure there are examples out there that do close to what you are wanting. Google is your friend.
Hello Everyone,
I have enabled LDAP authentication on my Web script by adding the list of valid users in /etc/apach2/default-server.conf. However, I now want to retrieve the username of the person that logs in. How can I do that? Is there any such module?
Regards,
Harsha (0 Replies)
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I... (1 Reply)
Hi to all,
i try to configure an HpUx 11.23 to use a Sun Directory Server to authenticate in system.
In my ldap the users is posixAccount.
I read in www that there is a sotware called LDAPUX but it use a profile, and it requires a change that i can't execute in my ldap because it is used also... (0 Replies)
I see a lot of thread on LDAP Authentication but I want to enable LDAP Authentication with Authorization. Meaning, removing the user ID's and groups from the local servers and move them to an LDAP server. When a user logs in (via LDAP) they will be given their group memberships and access to the... (3 Replies)
I am trying to convert all my redhat servers over to ldap. I have solved almost all the probems but am having trouble getting cvs pserver to authenticate. I'm running redhat 4. Just patched everything the other day.
cvs is cvs-1.11.17-9.1.el4_7.1. Any suggestions would be welcome.
Obviously... (1 Reply)
Hi folks,
i have opends 1.2 manually installed
subversion 1.4.3 and apache2 updated by package manager.
i want to access svn using LDAP authentication
its giving an error:
ldap_simple_bind_s() failed.
what could be the problem.
i wrote some text at the end of httpd.conf fpr ldap... (2 Replies)
Hi all,
I have two virtual machines, one with Suse and another with opensolaris 2009.06.
The ldap server is in the Suse machine.
From my opensolaris, with command ldalist i can see the information about the ldap configuration, i mean, the dn: ou:....
if i type id <ldapuser> i can see the user... (0 Replies)
Hi, We are trying to use LDAP to authenticate the login from our application. Our application is installed on AIX 6.1 and LDAP server is on active directory windows 2003.
We are getting the below error when we try to login. We have the required lib file in the path it is looking for. Any idea... (3 Replies)
Discussion started by: Nand1010_MA
3 Replies
LEARN ABOUT LINUX
pam_localuser
PAM_LOCALUSER(8) Linux-PAM Manual PAM_LOCALUSER(8)NAME
pam_localuser - require users to be listed in /etc/passwd
SYNOPSIS
pam_localuser.so [debug] [file=/path/passwd]
DESCRIPTION
pam_localuser is a PAM module to help implementing site-wide login policies, where they typically include a subset of the network's users
and a few accounts that are local to a particular workstation. Using pam_localuser and pam_wheel or pam_listfile is an effective way to
restrict access to either local users and/or a subset of the network's users.
This could also be implemented using pam_listfile.so and a very short awk script invoked by cron, but it's common enough to have been
separated out.
OPTIONS
debug
Print debug information.
file=/path/passwd
Use a file other than /etc/passwd.
MODULE TYPES PROVIDED
All module types (account, auth, password and session) are provided.
RETURN VALUES
PAM_SUCCESS
The new localuser was set successfully.
PAM_SERVICE_ERR
No username was given.
PAM_USER_UNKNOWN
User not known.
EXAMPLES
Add the following line to /etc/pam.d/su to allow only local users in group wheel to use su.
account sufficient pam_localuser.so
account required pam_wheel.so
FILES
/etc/passwd
Local user account information.
SEE ALSO pam.conf(5), pam.d(5), pam(7)AUTHOR
pam_localuser was written by Nalin Dahyabhai <nalin@redhat.com>.
Linux-PAM Manual 06/04/2011 PAM_LOCALUSER(8)