Alan DeKok wrote:
Why not also get the passwords from ldap? Why use PAM at all?
Because LDAP isn't a very good solution for handling passwords, IMO. I
prefer Kerberos in its simplicity.
If you want to use PAM, you have to force it via Auth-Type.
Thank you, the problem for me is that
Erik Karlsson wrote:
> I am trying to set up a simple Wlan-authentication using EAP-TTLS to
> avoid client certificates and PAM to use the server system
> authentication scheme. PAM doesn't know about users, and the users are
> situated in a LDAP database, which I think makes it logical to use
> rl
>The problem is that PAM is never used. This seems to be an artifact of
>the fact that rlm_ldap is supposed to fetch a "known good" password, but
>I don't have passwords in the LDAP database. rlm_ldap is indeed
>successful in authorizing, but there is no Auth-Type set to handle the
>authentication
Hello!
I am trying to set up a simple Wlan-authentication using EAP-TTLS to
avoid client certificates and PAM to use the server system
authentication scheme. PAM doesn't know about users, and the users are
situated in a LDAP database, which I think makes it logical to use
rlm_ldap for authori
4 matches
Mail list logo
