I have a linux machine which authenticate users to ldap, this is working fine. But I would like to limit users that logon to the machines to just the system admins.
The machines hosts different web sites which users accessed from there home directory like http://foo.mdx.ac.uk/~username
At the... (0 Replies)
Greetings!! I am attempting to solve a rather thorny issue and I was hoping that someone might have some insight into what is going on here..
At this point I have an openLDAP server that is working quite splendidly! :)
I have a working directory with users able to authenticate it and TLS... (2 Replies)
Hi,
I´m trying to make Solaris authenticate users in AD. NTP is working, nsswitch.ldap is listed above, DNS is Ok and I made something different in pam.conf, krb5.conf and sshd_config (see above)
nsswitch.ldap:
passwd: files ldap
group: files ldap
hosts: files dns
ipnodes: ... (0 Replies)
Please I am having problem to login using Active Directory Services 2008 R2 accounts on a cubox ubuntu (2.6.32.9-dove-5.4.2 #46). "getent passwd" only shows local users, however I can querry ADS users using ldapsearch command.
I have 2 systems, one that does not use gdm can login with all users... (0 Replies)
Please I am having problem to login using Windows 2008 R2 Active Directory Services accounts on a cubox ubuntu (2.6.32.9-dove-5.4.2 #46). "getent passwd" only shows local users, however I can querry ADS users using ldapsearch command.
I have 2 systems, one that does not use gdm can login with all... (1 Reply)
Hi,
I use a software which can create account on many system or application.
One of resource which is managed by this soft his a server SUSE Linux Enterprise Server 10 (x86_64). patch level 3.
This application which is an IBM application use ssh to launch command to create account in... (3 Replies)
Hi,
I would like to configure samba with PEM (with LDAP). I've already found, on the server, configured the PAM Authentication(with LDAP) for ssh. I wanted to know if it was possible to configure PAM for to authenticate to another LDAP only for SAMBA.
Is possibile duplicate the... (2 Replies)
Ran into this issue today and wanted to share how I fixed it as there is not a lot a lot of info online on this issue.
We upgraded our NetApp controllers to Ontap 9 and reboot all our iSCSI attached LDOMs after. One of the LDOM did not come up cleanly and it would not accept any keyboard inputs... (0 Replies)
I have very limited knowledge on LDAP configuration and have been trying fix one issue, but unsuccessful.
The server, I am working on, is Solaris-10 zone. sudoers is configured on LDAP (its not on local server). I have access to login directly on server with root, but somehow sudo is not working... (9 Replies)
Discussion started by: solaris_1977
9 Replies
LEARN ABOUT DEBIAN
authen::simple::ldap
Authen::Simple::LDAP(3pm) User Contributed Perl Documentation Authen::Simple::LDAP(3pm)NAME
Authen::Simple::LDAP - Simple LDAP authentication
SYNOPSIS
use Authen::Simple::LDAP;
my $ldap = Authen::Simple::LDAP->new(
host => 'ldap.company.com',
basedn => 'ou=People,dc=company,dc=net'
);
if ( $ldap->authenticate( $username, $password ) ) {
# successfull authentication
}
# or as a mod_perl Authen handler
PerlModule Authen::Simple::Apache
PerlModule Authen::Simple::LDAP
PerlSetVar AuthenSimpleLDAP_host "ldap.company.com"
PerlSetVar AuthenSimpleLDAP_basedn "ou=People,dc=company,dc=net"
<Location /protected>
PerlAuthenHandler Authen::Simple::LDAP
AuthType Basic
AuthName "Protected Area"
Require valid-user
</Location>
DESCRIPTION
Authenticate against a LDAP service.
METHODS
o new
This method takes a hash of parameters. The following options are valid:
o host
Connection host, can be a hostname, IP number or a URI. Defaults to "localhost".
host => ldap.company.com
host => 10.0.0.1
host => ldap://ldap.company.com:389
host => ldaps://ldap.company.com
o port
Connection port, default to 389. May be overridden by host if host is a URI.
port => 389
o timeout
Connection timeout, defaults to 60.
timeout => 60
o version
The LDAP version to use, defaults to 3.
version => 3
o binddn
The distinguished name to bind to the server with, defaults to bind anonymously.
binddn => 'uid=proxy,cn=users,dc=company,dc=com'
o bindpw
The credentials to bind with.
bindpw => 'secret'
o basedn
The distinguished name of the search base.
basedn => 'cn=users,dc=company,dc=com'
o filter
LDAP filter to use in search, defaults to "(uid=%s)".
filter => '(uid=%s)'
o scope
The search scope, can be "base", "one" or "sub", defaults to "sub".
filter => 'sub'
o log
Any object that supports "debug", "info", "error" and "warn".
log => Log::Log4perl->get_logger('Authen::Simple::LDAP')
o authenticate( $username, $password )
Returns true on success and false on failure.
EXAMPLE USAGE
Apple Open Directory
my $ldap = Authen::Simple::LDAP->new(
host => 'od.company.com',
basedn => 'cn=users,dc=company,dc=com',
filter => '(&(objectClass=inetOrgPerson)(objectClass=posixAccount)(uid=%s))'
);
Microsoft Active Directory
my $ldap = Authen::Simple::LDAP->new(
host => 'ad.company.com',
binddn => 'proxyuser@company.com',
bindpw => 'secret',
basedn => 'cn=users,dc=company,dc=com',
filter => '(&(objectClass=organizationalPerson)(objectClass=user)(sAMAccountName=%s))'
);
Active Directory by default does not allow anonymous binds. It's recommended that a proxy user is used that has sufficient rights to search
the desired tree and attributes.
SEE ALSO
Authen::Simple::ActiveDirectory.
Authen::Simple.
Net::LDAP.
AUTHOR
Christian Hansen "chansen@cpan.org"
COPYRIGHT
This program is free software, you can redistribute it and/or modify it under the same terms as Perl itself.
perl v5.14.2 2012-04-23 Authen::Simple::LDAP(3pm)