freebsd authentication against ldap? - BSD

This is a discussion on freebsd authentication against ldap? - BSD ; Hello, Does anyone have freebsd 6 authenticating against openldap? I'd like to get my bsd boxes to do this, but i don't want to make all the first time mistakes when i do it, if someone could give me an ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: freebsd authentication against ldap?

  1. freebsd authentication against ldap?

    Hello,
    Does anyone have freebsd 6 authenticating against openldap? I'd like to
    get my bsd boxes to do this, but i don't want to make all the first time
    mistakes when i do it, if someone could give me an outline i'd appreciate
    it. I know i'll need openldap 2.4 server and client, pam_ldap and nss_ldap,
    i've got that installed.
    Thanks.
    Dave.



  2. Re: freebsd authentication against ldap?

    On Wed, 9 Jan 2008 16:09:23 UTC, "Dave" wrote:

    > Does anyone have freebsd 6 authenticating against openldap? I'd like to
    > get my bsd boxes to do this, but i don't want to make all the first time
    > mistakes when i do it, if someone could give me an outline i'd appreciate
    > it. I know i'll need openldap 2.4 server and client, pam_ldap and nss_ldap,
    > i've got that installed.


    I've done some experiments but that's all so far. Two points:

    1) I have the O'Reilly book, and even with that it's difficult! I fdo
    have a colleague at work who is an X500/LDAP expert (in general) and may
    end up conslulting him!

    2) Gotcha. Quite a lot of stuff (e.g. Samba) has a dependency on the
    LDAP client. This stops you installing the server. I fixed this by
    altering the pkgtools.conf file to change the dependency on ldap-client
    to be to ldap-server. I also forcibly removed ldap-client and installed
    ldap-server.

    --
    Bob Eager
    UNIX since v6..
    http://tinyurl.com/2xqr6h


  3. Re: freebsd authentication against ldap?

    Bob Eager wrote:
    > On Wed, 9 Jan 2008 16:09:23 UTC, "Dave" wrote:
    >
    >> Does anyone have freebsd 6 authenticating against openldap? I'd like to
    >> get my bsd boxes to do this, but i don't want to make all the first time
    >> mistakes when i do it, if someone could give me an outline i'd appreciate
    >> it. I know i'll need openldap 2.4 server and client, pam_ldap and nss_ldap,
    >> i've got that installed.

    >
    > I've done some experiments but that's all so far. Two points:
    >
    > 1) I have the O'Reilly book, and even with that it's difficult! I fdo
    > have a colleague at work who is an X500/LDAP expert (in general) and may
    > end up conslulting him!
    >
    > 2) Gotcha. Quite a lot of stuff (e.g. Samba) has a dependency on the
    > LDAP client. This stops you installing the server. I fixed this by
    > altering the pkgtools.conf file to change the dependency on ldap-client
    > to be to ldap-server. I also forcibly removed ldap-client and installed
    > ldap-server.
    >


    I have ldap authentication working on FreeBSD 6.2 and have had it for
    some time, it works fine and I have not had any issues. Although I'm
    not really using it, I was just experimenting with LDAP, I had a couple
    of Mac OS X machines binding to the freebsd LDAP server for
    authentication as well.

    I used this procedure to get it up and working, I've been using it for
    some time and have these versions of LDAP installed:

    openldap-server-2.3.40
    openldap-sasl-client-2.3.40
    nss_ldap-1.257
    pam_ldap-1.8.4

    Here is the link to the procedure I used:

    http://www.cultdeadsheep.org/FreeBSD...ini-HOWTO.html

    I also modified passwd.c using this patch so that I could change ldap
    passwords with /bin/passwd:

    http://lists.freebsd.org/pipermail/f...er/008819.html

    The webmin package is quite handy for building users in the LDAP database.

    regards
    John

+ Reply to Thread