Diff for /wikisrc/tutorials/openldap_authentication_on_netbsd.mdwn between versions 1.3 and 1.4

version 1.3, 2014/05/31 17:49:28 version 1.4, 2014/06/04 20:56:19
Line 300  On my system I have the following change Line 300  On my system I have the following change
   
 ##  /etc/pam.d/system   ##  /etc/pam.d/system 
           
     # $NetBSD: openldap_authentication_on_netbsd.mdwn,v 1.2 2012/02/05 07:14:36 schmonz Exp $      # $NetBSD: openldap_authentication_on_netbsd.mdwn,v 1.3 2014/05/31 17:49:28 tron Exp $
     #      #
     # System-wide defaults      # System-wide defaults
     #      #
Line 335  The original message describing the prob Line 335  The original message describing the prob
 <http://mail-index.netbsd.org/tech-userlevel/2007/08/25/0006.html>  <http://mail-index.netbsd.org/tech-userlevel/2007/08/25/0006.html>
   
   
   ##  /etc/pam.d/system 
   
       #
       # PAM configuration for the "sudo" service
       #
       
       # auth
       auth            sufficient      pam_ldap.so             no_warn try_first_pass
       auth            required        pam_unix.so             no_warn try_first_pass nullok use_uid
       
       # account
       account         required        pam_login_access.so
       account         include         system
       
       # session
       session         required        pam_permit.so
       
   This file is only required if you want to use the "sudo" package from "pkgsrc".
   You will have to compile this package manually with "PKG_OPTIONS.sudo" set to
   "pam" because it doesn't support PAM by default.
       
 #  Securing your system   #  Securing your system 
   
 As far as the document goes now, this setup is unprotected in that anyone listening in to the packets travelling trough your network would be able to find the unencrypted messages of your ldap users. Not a happy thought.   As far as the document goes now, this setup is unprotected in that anyone listening in to the packets travelling trough your network would be able to find the unencrypted messages of your ldap users. Not a happy thought. 

Removed from v.1.3  
changed lines
  Added in v.1.4


CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb