top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

PAM + LDAP Authentication

+6 votes
317 views

I am trying to configure PAM to connect to OpenDJ LDAP server, however seem tricky , I configured via system-config-authentication tool and sssd gets restarted,

Please let me know a simple way to connect to SSL based LDAP server to authenticate users created in LDAP server.

posted Feb 12, 2014 by Deepak Dasgupta

Looking for an answer?  Promote on:
Facebook Share Button Twitter Share Button LinkedIn Share Button

Similar Questions
0 votes

I know that in version 3.3.9 Mongodb supports LDAP on windows. So I wanted to know whether it will be available for Community Edition or it remains for the Enterprise Edition only?

+3 votes

We have integrated apache web server with our internal LDAP and we have requirement to provision role based access to the folders in the docroot. We have earlier used SVN and we were using AuthzSVNAccessFile to meet this requirement. Contents of the file will look like this.

[groups]
users = usera
admins = usera, userb
[/]
users = r

[/folderA]
admins= r

Now we are looking for something similar with the apache directives, is it possible? if not, can you please give us an alternate?

I have tried "Require ", it doesn’t solve our requirement.

+2 votes

I have installed Bugzilla 4.4 on Apache. I have configured it for LDAP authentication. I have some users on LDAP and I wish to allow all of them to be able to file a bug on Bugzilla.

However, it appears that I still need to create all these users in bugzilla. Instead of creating 100 users one by one - is there a way I could insert records in some table OR any configuration by which the user is automatically created?

What is the best way to configure in this case?

+1 vote

There is a simple setup for svn users authentication on the server using LDAP.

 DAV svn
 SVNListParentPath on
 SVNParentPath /path_to_data
 SVNListParentPath on
 AuthzSVNAccessFile /path_to_accessfile/accfile

 AuthzLDAPAuthoritative off
 AuthType Basic
 AuthBasicProvider ldap
 AuthName "your login pls"
 AuthLDAPBindDN "blah-blah"
 AuthLDAPBindPassword "somepass"
 AuthLDAPURL "ldap://URL+DC?sub?(objectClass=*)"
 AuthzForceUsernameCase Lower
 Require valid-user

 CheckSpelling On

What I noticed is that svn server making a request for each svn URI or operation, which neither LDAP server likes nor users that could be waiting for their turn to be authenticated and see delays in svn server
response.

Could somebody point me where the problem is? I'd expect only one authentication request from the server when user presents himself first time (or after cache expires).

+2 votes

I'm using multi ipaddress setup with virtual hosts to support different certificates.

For one of the hosts we currently don't have DNS pointing to the right IP so I edited my hosts file to point myextended.host.com at the relevant IP. This host has a GlobalSign extended cert. We want to check the setup before going live.

On windows I checked that all the popular browsers see my extended certificate and see green url bars ok.

On linux chromium shows green, but on one machine firefox shows untrusted and on another it shows green.

Is there a way to check the certificate setup from a linux box without having the correct dns in place? I normally use GlobalSign's test stuff, but that won't work without the right dns in place.

...