From owner-freebsd-security  Tue Feb 26 19:56:18 2002
Delivered-To: freebsd-security@freebsd.org
Received: from ness.plymouth.edu (ness.plymouth.edu [158.136.1.140])
	by hub.freebsd.org (Postfix) with ESMTP
	id 2335537B417; Tue, 26 Feb 2002 19:56:11 -0800 (PST)
Received: (from ted@localhost)
	by ness.plymouth.edu (8.11.6/8.10.0) id g1R3u5u25254;
	Tue, 26 Feb 2002 22:56:05 -0500 (EST)
From: Ted Wisniewski <ted@ness.plymouth.edu>
Message-Id: <200202270356.g1R3u5u25254@ness.plymouth.edu>
Subject: PAM & LDAP - Pointer anyone?
To: freebsd-questions@freebsd.org, freebsd-security@freebsd.org
Date: Tue, 26 Feb 2002 22:56:05 -0500 (EST)
X-Mailer: ELM [version 2.4ME+ PL88 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

I was wondering...  Has anyone done this successfully?

I have FreeBSD 4.5, OpenLdap 2.0.23 & pam_ldap-137

I have LDAP running, and configured where I can successfully Authenticate
FTP sessions.    However, when I try to authenticate any other
service - no go.  

I am specifically intersted in:

	ssh, telnet, pop3, imap

Since I have been able to do "ftp" I must be doing something correctly.

pam.conf entry (for telnetd):

# "telnetd" is for SRA authenticated telnet only. Non-SRA uses 'login'
telnetd auth    required        pam_ldap.so                     try_first_pass

I also have ftpd:

ftpd    auth    sufficient      pam_skey.so
ftpd    auth    requisite       pam_cleartext_pass_ok.so
ftpd    auth    sufficient      pam_ldap.so      		try_first_pass 


Perhaps I am missing something obvious?  If someone has done this and can
point me in the right direction, it would be much appreciated.

Thanks,

	Ted






-- 
|   Ted Wisniewski    		     INET:  ted@mail.plymouth.edu        |
|   Information Technology Services         ted@wiz.plymouth.edu         |
|   Plymouth State College                  tedw@tigger.plymouth.edu     |
|   Plymouth NH, 03264               HTTP:  http://oz.plymouth.edu/~ted/ |

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message