Arthurde Jongpam_ldap8Version 0.9.8System Manager's ManualJun 2017pam_ldapPAM module for LDAP-based authenticationpam_ldap.so...Description
This is a PAM module that uses an
LDAP server to verify user access rights and
credentials.
Options
Specifies that the PAM module should use the first
password provided in the authentication stack and not prompt the user
for a password.
Specifies that the PAM module should use the first
password provided in the authentication stack and if that fails prompt
the user for a password.
Specifying this option allows users to log in with a blank password.
Normally logins without a password are denied.
Specifies that the PAM module should return
PAM_IGNORE for users that are not present in the LDAP
directory.
This causes the PAM framework to ignore this module.
Specifies that the PAM module should return
PAM_IGNORE if it cannot contact the LDAP server.
This causes the PAM framework to ignore this module.
Specifies that warning messages should not be propagated to the
PAM application.
This causes the PAM module to use the earlier
provided password when changing the password. The module will not
prompt the user for a new password (it is analogous to
).
This option causes the PAM module to log debugging
information to
syslog3.
This option causes the PAM module to ignore the user
if the user id is lower than the specified value. This can be used to
bypass LDAP checks for system users
(e.g. by setting it to 1000).
Module Services Provided
All services are provided by this module but currently sessions changes
are not implemented in the nslcd daemon.
Files/etc/pam.confthe main PAM configuration file/etc/nslcd.conf
The configuration file for the nslcd daemon
(see nslcd.conf5)
See Alsopam.conf5,
nslcd8,
nslcd.conf5Author
This manual was written by Arthur de Jong <arthur@arthurdejong.org>.