Client Configuration: PAM
/etc/pam_ldap.conf
# Your LDAP server.
host 127.0.0.1
# The distinguished name of the search base.
base dc=example,dc=net
# Use the V3 protocol to optimize searches
ldap_version 2
# Filter to AND with uid=%s
#pam_filter objectclass=account
# The user ID attribute (defaults to uid)
#pam_login_attribute uid
pam_crypt local
/etc/pam.d/ssh - need similar for every app you want to use ldap
#%PAM-1.0
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_pwdb.so shadow nullok try_first_pass
auth required /lib/security/pam_nologin.so
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_pwdb.so shadow nullok use_authtok
session sufficient /lib/security/pam_ldap.so
session required /lib/security/pam_pwdb.so
|