How to configure PAM to use LDAP on HP-UX 11i?
asked Dec 14 '10 at 21:18
SSH KB ♦
This knowledge base article describes a scenario where the SSH Tectia client connects to an SSH Tectia Server (HP-UX 11i), which is configured for using an LDAP directory for user information. Clients connecting to the SSH Tectia Server can use either certificate authentication or keyboard-interactive authentication.
Client --- SSH Tectia Server --- LDAP Server
The relevant configuration files are found attached at the end of this knowledge base article. The files present an example configuration.
Please note that SSH provides technical support for configuring SSH Tectia products. Configuration and installation of operating system specific PAM modules and/or LDAP directories are not officially supported by SSH Communications Security.
Product and OS versions:
Server side configuration
/opt/ldapux/migrate/migrate_passwd.pl /etc/passwd ./passwd.ldif
/opt/ldapux/bin/ldapmodify -a -h localhost -D cn=root -w secret -f passwd.ldif
/opt/ldapux/bin/ldapsearch -b ou=People,o=ssh.com objectclass=*
$ nsquery passwd testuser
-- Using "files ldap" for the passwd policy.
Searching /etc/passwd for testuser
testuser was NOTFOUND
Switch configuration: Allows fallback
Searching ldap for testuser
User name: testuser
User Id: 104
Group Id: 20
Gecos:
Home Directory: /home/testuser
Shell: /usr/local/bin/bash
Switch configuration: Terminates Search
/etc/ssh2/sshd2_config
/etc/ssh2/certificates/ca-certificate.cer
/etc/ssh2/certificates/mapfile
Client side configuration
answered Dec 14 '10 at 21:19
SSH KB ♦
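The nsquery check shown in the article can be scripted so that a login account is accepted only when it really resolves from LDAP (with "files ldap", a local /etc/passwd entry of the same name would win) and does not map to UID 0. This is an added example, not part of the original article or of SSH Tectia; the function names are hypothetical and the sample output is constructed from the nsquery output above.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not part of nsquery or SSH Tectia.

# Print the source (e.g. "ldap" or "/etc/passwd") that returned the entry.
nsquery_source() {
    awk '/^Searching /              { src = $2 }
         /^User name:/ && hit == "" { hit = src }
         END { print (hit == "" ? "none" : hit) }'
}

# Print the numeric UID from the "User Id:" line.
nsquery_uid() {
    awk '/^User Id:/ && uid == "" { uid = $3 } END { print uid }'
}

# Succeed only if the entry came from ldap and does not map to UID 0.
check_ldap_account() {
    out=$(cat)
    src=$(printf '%s\n' "$out" | nsquery_source)
    uid=$(printf '%s\n' "$out" | nsquery_uid)
    if [ "$src" != "ldap" ]; then
        echo "FAIL: entry came from '$src', not ldap"; return 1
    fi
    if [ "$uid" = "0" ]; then
        echo "FAIL: LDAP entry maps to UID 0"; return 1
    fi
    echo "OK: resolved from ldap with UID $uid"
}

# Constructed sample, modelled on the nsquery output shown in the article.
sample_output() {
    cat <<'EOF'
Using "files ldap" for the passwd policy.
Searching /etc/passwd for testuser
testuser was NOTFOUND
Switch configuration: Allows fallback
Searching ldap for testuser
User name: testuser
User Id: 104
Group Id: 20
Gecos:
Home Directory: /home/testuser
Shell: /usr/local/bin/bash
Switch configuration: Terminates Search
EOF
}

sample_output | check_ldap_account
```

On the server itself the same check would be run as `nsquery passwd testuser | check_ldap_account`.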