[Gllug] LDAP

Bruce Richardson itsbruce at uklinux.net
Tue Sep 25 12:26:03 UTC 2001


On 9/25/01, 12:05:48 PM, Simon Stewart <sms at lateral.net> wrote regarding 
Re: [Gllug] LDAP:

> And to add to the mayhem, it'd be nice if the various programs that
> are littered around my system actually made an attempt to authenticate
> against LDAP (eg. screen savers, sudo, etc) Any ideas? Or must I write
> some perl to open a named pipe at /etc/passwd and to query LDAP for
> each and every line. Not elegant, and prone to disaster if the server
> is unreachable....

That's what pam is for.  Most password-protected Linux apps use pam these 
days (sudo and screensaver included).  You just need to set up pam 
properly. If you were using samba/winbind and ldap you would have a 
choice of authentification methods to use.  The neat thing is that this 
is all transparent to the applications.

My web applications authenticate first against our NDS tree and failing 
that against our NT domain controller.  Lovely thing, pam.

-- 

Bruce

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list