On Tue, Nov 16, 1999 at 03:57:10PM -0500, [EMAIL PROTECTED] wrote:
:
: I've found the file /etc/ldap.conf, changed the host name to my LDAP
: server, and the distinguished name of the search base to my domain name.
:
: Also I've added
:
: auth required /lib/security/pam_ldap.so
:
: To my /etc/pam.d/login file. Of course it doesn't work, the only error
: message I get in /var/log/messages is:
:
: Nov 16 15:46:47 xx login[2290]: pam_ldap: ldap_search_s Insufficient
: access
:
: I wasn't aware there needed to BE a specific access level to authenticate
: from an LDAP database! Other programs we use can authenticate from our
: LDAP database without using a specific user ID/password. We aren't
: attempting to CHANGE info, just authenticate.
I haven't setup pam_ldap, so I don't have a howto. I can, however, tell
you that in order to do things like authentication, you will need to
bind to the LDAP directory. Anonymous access to LDAP attributes like
password are not going to fly.
Perhaps the default pam_ldap configuration is an anonymous bind, rather
than an authenticated bind...
--
Jason Costomiris <><
Technologist, cryptogeek, human.
jcostom {at} jasons {dot} org | http://www.jasons.org/
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
