RSS feed

pam_authz_search variable references

[Date Prev][Date Next] [Thread Prev][Thread Next]

pam_authz_search variable references

Hey everyone.

Currently using nslcd pam_authz_search to limit access. I hit upon the
following which I can work around, but just asking for clarification.
"The search filter can contain the following variable references:
$username, $service, $ruser, $rhost, $tty, $hostname, $fqdn, $dn, and

I expected $username would contain the username, and $uid would
contain the numeric user (which in my case, I expected $username to
map to uid in ldap, and $uid to map to uidNumber in ldap). In 'getent
passwd' everything is correct, and everything works correctly. However
$username maps to 'uid' as does uid. I was hoping to use $uid in a
search like (uidNumber=$uid) however that fails as $uid expands to the
I can obviously do (uid=$username) which will work, but I'm a little
confused why we have both $username and $uid if they are the same. I
don't think any of my maps in /etc/nslcd.conf are causing the problem


uid nslcd
gid nslcd
uri ldap://
base dc=plug,dc=org,dc=au
filter group (objectClass=posixGroup)
map group uniqueMember member

Timothy White - Somewhere in Australia
To unsubscribe send an email to or see