Re: Different LDAP parameters for different PAM services

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: Different LDAP parameters for different PAM services
Date: Mon, 02 Feb 2015 19:15:42 +0100

On Sun, 2015-02-01 at 19:21 +0100, Bertrand Bonnefoy-Claudet wrote:
> With original libpam-ldap, I would use the `config` parameter to
> specify a different configuration file [1].  I could not figure out
> how to achieve that with nss-pam-ldap.

Sadly, this is not supported with nss-pam-ldapd because it is modelled
around a single, global user list and authentication configuration for
system accounts.

What you could do is have a certain subset of users being able to log in
using the pam_authz_search option and using $service in the filter
string (see for example the authorizedService example in the nslcd.conf
manual page).

There are also FTP servers that support getting virtual users from LDAP
(I think I've set this up using proftpd in the past).

Kind regards,

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

Different LDAP parameters for different PAM services, Bertrand Bonnefoy-Claudet
- Re: Different LDAP parameters for different PAM services, Arthur de Jong

Prev by Date: Different LDAP parameters for different PAM services
Next by Date: Can't retrieve specific users/groups
Previous by thread: Different LDAP parameters for different PAM services
Next by thread: Can't retrieve specific users/groups