1

I need to configure PAM rules on Debian system to use LDAP authentification. Earlier I did it on CentOS and I'm not sure that I understand PAM rules matching on their systems right.

On CentOS I've edited these files in /etc/pam.d/:

fingerprint-auth password-auth smartcard-auth system-auth

it's soft links to {filename}-ac files

In Debian I see only one of them:

system-auth

But here are a few files like common-{auth,password,session} and as I think system-auth consists of them (am I right?).

So what PAM-files I need to edit in Debian?

I found another way (right way, as I dare to say): auth-client-config, a script on Python from Ubuntu that change PAM-rules in files /etc/pam.d/common-{filename}, but is that enough? Do I need to edit system-auth manually?

Improve this question

1 Answer 1

Reset to default
1

/etc/pam.d/system-auth is not part of Debian, you must have created it yourself. If all other files under /etc/pam.d are pristine, then enabling LDAP via dpkg-reconfigure libpam-runtime should add the lines necessary for basic functionality to common-* (which are included by the various service config files: login, sshd, and so on). Of course, all of the above depends on libpam-ldapd (and consequently: nslcd) being installed and configured correctly (which automatically enables itself in libpam-runtime, so dpkg-reconfigure shouldn't be needed unless you disabled it beforehand). Most probably you'll also need libnss-ldapd to provide the user database.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.