
Re: Linux PAM and LDAP

 
Sriram Rajan
Occasional Contributor

Linux PAM and LDAP

I am running several Red Hat 9.0 Linux workstations that run OpenLDAP clients. I don't want local root to be able to change other users' passwords. Also, I want the user to be prompted for the old password before he is allowed to change his password.

I am playing with PAM but haven't had any success, mainly because I don't understand PAM well enough.

Any ideas?

Many thanks for your time.

Sriram
Steven E. Protter
Exalted Contributor

Re: Linux PAM and LDAP

Your best bet would be an NIS configuration. Then the user passwords would be controlled by the NIS master server.

It's somewhat complex but it can be done.

Making one of the Linux boxes an LDAP server might be a better way to go. You want central control and either suggestion can do it.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Jerome Henry
Honored Contributor

Re: Linux PAM and LDAP

Hello,

Sure, an LDAP server would be a good and not that hard way to go. Read Red Hat's advice on that at:
http://www.europe.redhat.com/documentation/rhl9/rhl-rg-en-9/ch-ldap.php3

They also have a few pages on PAM. Maybe you could read them too and let us know what exactly doesn't work when setting it up:
http://www.europe.redhat.com/documentation/rhl9/rhl-rg-en-9/ch-pam.php3
http://www.bb-zone.com/SLGFG/chapter25.html

J
You can lean only on what resists you...
Vitaly Karasik_1
Honored Contributor

Re: Linux PAM and LDAP

See LJ articles:

http://www.linuxjournal.com/article.php?sid=6936

Regards,
Vitaly