Comment on LDAP to UNIX user proxy
just_another_person@lemmy.world 2 months agoThen you don’t understand how it works with local auth services.
Comment on LDAP to UNIX user proxy
just_another_person@lemmy.world 2 months agoThen you don’t understand how it works with local auth services.
cybersandwich@lemmy.world 2 months ago
Would you mind educating us plebs then? I had a similar question to op, and I can assure you, I definitely don’t understand local auth services the way I probably should.
just_another_person@lemmy.world 2 months ago
Your local auth services are configured to use LDAP as a source, whatever your local auth mechanism is checks credentials, and then you’re auth’d or not. Some distros have easy to use interfaces to configure this, some don’t, but mostly it’s just configuring pam.d (for Linux), and a caching daemon of some sort to keep locally cached copies of the shadow info so you can auth when the LDAP server can’t be contacted (if you’ve previously authenticated once). You can set up many different authentication sources and backends as well, and set their preferences, restrictions, options…etc.
RHEL/Fedora examples: www.redhat.com/sysadmin/pam-authconfig
Debian examples: wiki.debian.org/LDAP/PAM