ldap
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
ldap [2009/08/17 06:07] – 172.26.0.166 | ldap [2024/01/16 09:21] (current) – removed aorth | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== LDAP Authentication ===== | ||
- | |||
- | |||
- | Using LDAP for authentication against the CGIAR Active Directory for SSH, local and GUI logins to a Linux computer. | ||
- | |||
- | ===== Overview ===== | ||
- | |||
- | * Requirements: | ||
- | Properly configured user accounts in the active directory (UserPrincipalName property in the form username@cgiarad.org) | ||
- | |||
- | * Implementation | ||
- | Authentication on a Linux PC’s is managed by PAM modules (Pluggable Authentication Modules). A special PAM module should be used, configured to test username | ||
- | |||
- | Compiling the sources of the custom LDAP module: | ||
- | |||
- | '' | ||
- | |||
- | Linking the sources | ||
- | |||
- | '' | ||
- | |||
- | The library pam_cgiar_ldap.so must be copied where the other PAM modules are saved, that is: | ||
- | |||
- | ''/ | ||
- | on the HPC | ||
- | ''/ | ||
- | |||
- | PAM configuration files for each PAM enabled application we want to work with should be configured. | ||
- | |||
- | Remember than when using the pam_cgiar_ldap.so module in the PAM file it cannot be on top of the auth stack. | ||
- | |||
- | For example to use LDAP authentication for SSH logins we shall include into the file / | ||
- | |||
- | |||
- | See document: CGIAR-HPC-COP.doc | ||
- | |||
- | |||
ldap.1250489221.txt.gz · Last modified: 2010/05/22 14:19 (external edit)