Poster of Linux kernelThe best gift for a Linux geek
pam_ldap

pam_ldap

Section: System Manager's Manual (8) Updated: Dec 2010
Local index Up
 

NAME

pam_ldap - PAM module for LDAP-based authentication  

SYNOPSIS

pam_ldap.so [...]  

DESCRIPTION

This is a PAM module that uses an LDAP server to verify user access rights and credentials.  

OPTIONS

use_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and not prompt the user for a password.
try_first_pass
Specifies that the PAM module should use the first password provided in the authentication stack and if that fails prompt the user for a password.
nullok
Specifying this option allows users to log in with a blank password. Normally logins without a password are denied.
ignore_unknown_user
Specifies that the PAM module should return PAM_IGNORE for users that are not present in the LDAP directory. This causes the PAM framework to ignore this module.
ignore_authinfo_unavail
Specifies that the PAM module should return PAM_IGNORE if it cannot contact the LDAP server. This causes the PAM framework to ignore this module.
no_warn
Specifies that warning messages should not be propagated to the PAM application.
use_authtok
This causes the PAM module to use the earlier provided password when changing the password. The module will not prompt the user for a new password (it is analogous to use_first_pass).
debug
This option causes the PAM module to log debugging information to syslog(3).
minimum_uid=UID
This option causes the PAM module to ignore the user if the user id is lower than the specified value. This can be used to bypass LDAP checks for system users (e.g. by setting it to 1000).
 

MODULE SERVICES PROVIDED

All services are provided by this module but currently sessions changes are not implemented in the nslcd daemon.  

FILES

/etc/pam.conf
the main PAM configuration file
/etc/nslcd.conf
The configuration file for the nslcd daemon (see nslcd.conf(5))
 

SEE ALSO

pam.conf(5), nslcd(8), nslcd.conf(5)  

AUTHOR

This manual was written by Arthur de Jong <arthur@arthurdejong.org>.


 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
MODULE SERVICES PROVIDED
FILES
SEE ALSO
AUTHOR

This document was created by man2html, using the manual pages.
Time: 22:02:06 GMT, April 16, 2011