Table of Contents
Advertisement
36.6.1 Standard Procedure
Background knowledge of the processes acting in the background of a client machine
helps you understand how the YaST LDAP client module works. If LDAP is activated
for network authentication or the YaST module is called, the packages pam_ldap and
nss_ldap are installed and the two corresponding configuration files are adapted.
pam_ldap is the PAM module responsible for negotiation between login processes
and the LDAP directory as the source of authentication data. The dedicated module
pam_ldap.so is installed and the PAM configuration is adapted (see
"pam_unix2.conf Adapted to LDAP"
Example 36.11 pam_unix2.conf Adapted to LDAP
auth:
account:
password:
session:
When manually configuring additional services to use LDAP, include the PAM LDAP
module in the PAM configuration file corresponding to the service in /etc/pam.d.
Configuration files already adapted to individual services can be found in /usr/
share/doc/packages/pam_ldap/pam.d/. Copy appropriate files to /etc/
pam.d.
glibc name resolution through the nsswitch mechanism is adapted to the employ-
ment of LDAP with nss_ldap. A new, adapted file nsswitch.conf is created in
/etc with the installation of this package. Find more about the workings of nsswitch
.conf in
be present in nsswitch.conf for user administration and authentication with LDAP.
See
Example 36.12, "Adaptations in nsswitch.conf"
Example 36.12 Adaptations in nsswitch.conf
passwd: compat
group: compat
passwd_compat: ldap
group_compat: ldap
These lines order the resolver library of glibc first to evaluate the corresponding files
in /etc and additionally access the LDAP server as sources for authentication and
user data. Test this mechanism, for example, by reading the content of the user database
682
Installation and Administration
use_ldap
use_ldap
use_ldap
none
Section 30.6.1, "Configuration Files"
(page 682)).
(page 583). The following lines must
(page 682).
Example 36.11,
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Novell LINUX ENTERPRISE SERVER 10 - INSTALLATION AND ADMINISTRATION 11-05-2007
Related Products for Novell LINUX ENTERPRISE SERVER 10 - INSTALLATION AND ADMINISTRATION 11-05-2007
- NOVELL BUSINESS CONTINUITY CLUSTERING FOR NETWARE 1.1 - ADMINISTRATION
- NOVELL BUSINESS CONTINUITY CLUSTERING 1.1 SP2 - ADMINISTRATION
- NOVELL LINUX ENTERPRISE 11 - HIGH AVAILABILITY
- NOVELL LINUX ENTERPRISE DESKTOP 11 - GNOME
- NOVELL LINUX ENTERPRISE DESKTOP 11 - KDE
- NOVELL LINUX ENTERPRISE SERVER 10 - ARCHITECTURE-SPECIFIC INFORMATION 11-12-2006
- NOVELL LINUX ENTERPRISE 11 SP1 - LINUX AUDIT
- Novell LINUX ENTERPRISE SERVER 11 SUSE
- NOVELL DATA SYNCHRONIZER - UPDATE 1
- NOVELL LINUX ENTERPRISE SERVER 10 SP1 - ARCHITECTURE-SPECIFIC INFORMATION 15-03-2007
- NOVELL LINUX ENTERPRISE SERVER 10 SP3 - ARCHITECTURE-SPECIFIC
- NOVELL ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - COMMAND LINE UTILITIES REFERENCE 10.3 30-03-2010
- NOVELL APPARMOR 1.2 - QUICK GUIDE AND
- NOVELL APPARMOR 1.2
- NOVELL OPEN WORKGROUP SUITE SMALL BUSINESS EDITION 9.3 - ADMINISTRATION 10-2007
- Novell SUSE LINUX ENTERPRISE DESKTOP 10 SP1 KDE