System Authentication - Installation
Install from PADL <http://www.padl.com/>
- pam_ldap <http://www.padl.com/pam_ldap.html>
- nss_ldap <http://www.padl.com/nss_ldap.html>
/etc/ldap.conf
BASE dc=foo,dc=com
HOST ldap.server.com
pam_crypt local
/etc/nsswitch.conf
Add ldap to the passwd, shadow and group entries in
/etc/nsswitch.conf. Be aware of the effects of putting it
first or last.
/etc/pam.d
Need similar for every app you want to use ldap
/etc/pam.d/ssh
From RedHat 6.2
#%PAM-1.0
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_pwdb.so shadow nullok try_first_pass
auth required /lib/security/pam_nologin.so
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_pwdb.so shadow nullok use_authtok
session sufficient /lib/security/pam_ldap.so
session required /lib/security/pam_pwdb.so
|