solaris pam_krb5.so.1
Matthew Mauzy
matthew_mauzy at unc.edu
Thu Mar 27 17:23:17 EST 2003
I have an openLDAP server that I'm trying to setup using kerberos 5 for
authentication. I have krb5 working (am able to kinit as krb5 principals)
and also have openLDAP working (accounts in the dir). I have nsswitch on
both Solaris 8 and 9 systems set to get passwd/shadow info from the LDAP
and am able to see LDAP accounts on these systems with 'listusers' and
'getent passwd'. What I can't do is login to an account that isn't local
to the machine. I've received info on the openldap list that seems to
indicate that I can't use pam_ldap (and I assume pam_unix) to login to the
systems because the userPassword attribute isn't set as {crypt} (I have it
set for {KERBEROS}prinicpal at REALM which works fine for redhat 8 systems
that are using LDAP/krb5 for account login info.)
So my question: how do you setup PAM on Solaris 8/9 systems to use LDAP for
account info, krb5 for passwords, and AFS for home dirs?
TIA,
--Matthew
__________________________________________________________________
Matthew W. Mauzy
Systems Administrator
Applied Math @ UNC-CH
email : mauzy at amath.unc.edu pager : mpager at amath.unc.edu
(W) 919.962.9819 www.amath.unc.edu/~mauzy/ (P) 919.347.0390
__________________________________________________________________
More information about the Kerberos
mailing list