nss_ldap on FreeBSD 5.3
Nathan Vidican
nvidican at wmptl.com
Mon Nov 21 15:49:06 GMT 2005
Robert Fitzpatrick wrote:
> I find several docs on setting this up, but none pertaining to linux
> compat. Can anyone point me to some instructions for setting this up
> properly?
>
> --
> Robert
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
>
Um... actually VERY easy...
Step 1: install nss_ldap & pam_ldap
2: edit /usr/local/etc/nss_ldap.conf
edit /usr/local/etc/ldap.conf
edit /usr/local/etc/ldap.secret
3: edit /etc/nssswitch.conf, change from 'files' to 'files ldap' for 'group',
and 'passwd' (optionally) 'hosts' too.
4: do a quick 'ldapsearch -x' to make sure you are connecting/searching the
correct ldap tree...
5: edit /etc/pam.d/<service> file(s) for which types of accounts you want to
authenticate. ie: system, login, ftp, ssh, other, etc... should have to add a
line like:
auth sufficient /usr/local/lib/pam_ldap.so try_first_pass
That should be it. Assuming your librairies are up to date, you have a valid
db/tree in ldap you can connect and search... then you should be able to login
right away.
--
Nathan Vidican
nvidican at wmptl.com
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/
More information about the freebsd-questions
mailing list