Where do I find information how to verify FBSD login via LDAP

Matthew Seaman m.seaman at infracaninophile.co.uk
Tue May 20 02:17:22 PDT 2003 

On Tue, May 20, 2003 at 10:55:15AM +0200, Gunnar Flygt wrote:
> It's all in the Subject. I want to verify users to an external
> FTP server by using OpenLDAP. Where do I find documentation,
> or HowTo's?
> 
> I plan to have the LDAP server within our Company network, and the
> FTP server on a DMZ in the firewall
> 
> All as secure as possible

You're going to need certainly the pam_ldap and maybe the nss_ldap
functionality on the FTP server.  The Pluggable Authentication Module
pam_ldap can be installed via the security/pam_ldap port, and I
believe it works well on recent FreeBSD 4.x.  That's possibly all you
need to authenticate users via LDAP.

However, you might also need to use the Name Service Switch nss_ldap
module: this depends on the introduction of the name service switch
functionality, which is, as far as I know, still an on-going work in
5-CURRENT.  According to the Makefile for the net/nss_ldap port:

    .if ${OSVERSION} < 500112
    IGNORE=         NSS modules only supported on FreeBSD 5.1 or later
    .endif

As for HOWTOs --- the documentation at http://www.openldap.org/ is
pretty good, and there's some good stuff accessible from
http://www.padl.com/Contents/Documentation.html (PADL are the authors
of the pam_ldap and nss_ldap modules).  A lot of the Linux
documentation has much that is relevant to FreeBSD. The O'Reilly "LDAP
System Administration" nutshell book is also bang up to date
(published March 2003) and well worth reading.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030520/4332ec4e/attachment.bin

More information about the freebsd-questions mailing list