RSS feed

Re: Not getting shadow password with nslcd 0.8.10

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Not getting shadow password with nslcd 0.8.10

On Mon, 9 Dec 2013, Arthur de Jong wrote:

On Thu, 5 Dec 2013, Harald Hannelius wrote:
I have several Debian 6.0 computers configured using nslcd 0.7.15 that are able to authenticate users in LDAP.

I now have a Debian 7.2 with nslcd 0.8.10 that I've tried to get to authenticate and I can't for my life figure out what's wrong.

The 0.8 series no longer requests userPassword by default because it is not the recommended approach to do authentication. The PAM module (libpam-ldapd in Debian) is generally a much better idea because it does not require exposing password hashes through the network.

You can still configure nslcd to expose the password hashes by using:
 map shadow userPassword userPassword

Thanks! Worked right away.

Don't know why I was unable to get libmap-ldapd to work. Perhaps my sub-1000 uid-number is the culprit.

A: Top Posters!                                      |  s/y Charlotta |
Q: What is the most annoying thing on mailing lists? |    FIN-2674    | Finn Express Purjehtijat ry   |  ============= |
Harald H Hannelius | harald (At) iki (dot) fi | GSM +358 50 594 1020
To unsubscribe send an email to or see