Re: [squid-users] SQUID+PAM+LDAP

From: Renato Goncalves Silva <[email protected]>
Date: Tue, 16 Nov 2004 16:40:40 -0200

Nobody help me??

This is the last thing to close my project.

thanks.

>>> "Renato Goncalves Silva" <renato_silva@usinaester.com.br> 12/11/2004 10:14:16 >>>
Delete this line i dont authenticate to NDS.

All configurations are perfect.

I do not know more to make.

Whith LDAP helpers my NDS server need to accept clear password.

>>> Henrik Nordstrom <hno@squid-cache.org> 11/11/2004 10:40:07 >>>
Delete the account group from your PAM configuration.

I.e. the line reading

account sufficient /lib/security/pam_ldap.so debug

or tel pam_auth to not care about the account group.

But I would seriously recommend you to use the LDAP helpers for Squid
rather than to jump the long way via PAM, unless ofcourse you also want
the users to be able to login as local users to the server where Squid is
running.

Regards
Henrik

On Thu, 11 Nov 2004, Renato Goncalves Silva wrote:

> I dont know where to change.
>
> Please help me.
>
>
> tanks a lot.
>
>>>> Henrik Nordstrom <hno@squid-cache.org> 10/11/2004 18:35:30 >>>
> On Wed, 10 Nov 2004, Renato Goncalves Silva wrote:
>
>> How i configure PAM to do this??
>>
>> My file /etc/pam.d/squid.
>>
>> #%PAM-1.0
>> auth sufficient /lib/security/pam_ldap.so debug
>> account sufficient /lib/security/pam_ldap.so debug
>> password required /lib/security/pam_ldap.so use_authtok debug
>> session sufficient /lib/security/pam_ldap.so debug
>
> I would think the existing account configuration section in your PAM
> configuration would give a hint... (configure your PAM service to not
> check the account status, your PAM configuration having an account
> restriction..)
>
> Regards
> Henrik
>
Received on Tue Nov 16 2004 - 10:40:55 MST

This archive was generated by hypermail pre-2.1.9 : Wed Dec 01 2004 - 12:00:01 MST