pam_opendirectory(8) BSD System Manager's Manual pam_opendirectory(8)
NAME
pam_opendirectory -- OpenDirectory PAM module
SYNOPSIS
[service-name] function-class control-flag pam_opendirectory [options]
DESCRIPTION
The OpenDirectory PAM module supports the authentication, account management and password management function classes. In terms of the
function-class parameter, these are ``auth'', ``account'' and ``password'' respectively.
The OpenDirectory Authentication Module
The OpenDirectory authentication module permits or denies users based on OpenDirectory password authentication.
The following option may be passed to this authentication module:
nullok Allow null passwords.
The OpenDirectory Account Management Module
The OpenDirectory account management module permits or denies users based whether the account is enabled in OpenDirectory.
The following option may be passed to this account management module:
no_check_shell
Skip validating the user's shell.
no_check_home
Skip validating the user's home directory.
refresh=min
Sets the mbr_check_membership(3) cache timeout to min minutes. When this option is used, the min value must be specified, and it
must be an integer.
The OpenDirectory Password Management Module
The OpenDirectory password management module supports password changing and enforces the OpenDirectory password policy.
SEE ALSO
mbr_check_membership(3), pam.conf(5), pam(8), pwpolicy(8), DirectoryService(8)
BSD
February 7, 2009 BSD
