Date: Tue, 18 Mar 2008 05:21:52 +0100 From: Wael Nasreddine <mla@nasreddine.com> Cc: freebsd-questions@freebsd.org Subject: LDAP authenticating for Jails. Message-ID: <20080318041216.GA18220@phoenix.nasreddine.info>
next in thread | raw e-mail | index | archive | help
--UfEAyuTBtIjiZzX6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello, I just finished setting up my server, I installed FreeBSD 7-RELEASE host + 7 jails, 2 of them are USERS and MAIL, the USERS is a jail where users should login via SSH.. For my Mail system, I have both the virtual mail with authenticating =66rom MySQL, and home-mail with PAM authentication, all done via courier-imap and authlib... the reason I have such setup is because I use fetchmail/procmail ( for multiple user ) to download all my email accounts and store them in my home folder, delivery would be via IMAP only... Anyway, the users used to change their email password ( the home-mail password) using usual passwd mechanism, but since the MAIL is received/sent on another Jail, I have to come up with a way to authenticate from a shared database ( or if it's possible to synchronise password changes between jails which I doubt ), So I thought of creating a new jail with only an LDAP server running, with all users accounts, this way SSH can login to USERS jail and IMAP to MAIL jail using the same password, but I have never done this before so I might need some help... First things first, If I deployed this mechanism, will the user be able to change the password with a simple passwd command? Or should he go through LDAP ( phpMyLDAP ?? ) Could you please point me in the direction of having such mechanism ? I found this tutorial[1] but I'm not sure if it's outdated or not... [1]: http://chaos.untouchable.net/index.php/HOWTO_setup_freebsd_6_ldap_auth= entication Regards, --=20 Wael Nasreddine http://wael.nasreddine.com PGP: 1024D/C8DD18A2 06F6 1622 4BC8 4CEB D724 DE12 5565 3945 C8DD 18A2 =2E: An infinite number of monkeys typing into GNU emacs, would never make a good program. (L. Torvalds 1995) :. --UfEAyuTBtIjiZzX6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.7 (GNU/Linux) iD8DBQFH30NgVWU5RcjdGKIRAhtcAJ9YeOq90tM4519p7Z2/hVWNCWBrgACfQo1w DCNZH+1XdM6ME12oQ7eUJwE= =84j2 -----END PGP SIGNATURE----- --UfEAyuTBtIjiZzX6--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080318041216.GA18220>