PAM modules violating PAM architecture?, e.g. mod_auth_pam

Tony den Haan tony at tuxick.net
Wed Oct 6 21:28:07 UTC 2004


On Wednesday 06 October 2004 20:44, Jed Donnelley wrote:

> As I understand the PAM architecture (as on the diagram above) this should
> work to use with apache authentication being forwarded to LDAP.  However, I
> found that
> I needed to include:
>
> passwd:    files ldap
> group:       files ldap
>
> in my /etc/nsswitch.conf file to get it to function.  This meant I couldn't
> use it in my system as it forced all sorts of LDAP users and groups to
> be on the system (e.g. for login, file access, etc., etc.) that should not
> be on the system.

nopes, you need nss_ldap for that, which comes from the same padl.com
people who wrote pam_ldap. 


tony




More information about the Pam-list mailing list