Re: LDAP

Clemens Huebner (clemens.huebner@att.net)
Tue, 06 Jul 1999 00:15:14 -0700

Glen Turner wrote:
>
> Raiden wrote:
> > Any LDAP compliance on Linux Kernel?
> > are any thingking about this point?
>
> Khimenko Victor replied:
> > Huh. Where it can be used in Linux kernel ??? Why it's
> > needed there ?
>
> LDAP is becoming the directory access mechanism adopted by
> large enterprises for user registration. So LDAP support in
> the Linux kernel allows people to log into Linux machines with
> the same userid, password, etc that they use for dial-in, web
> server access, mainframe use, etc. Common corporate LDAP
> systems come from Netscape and Novell, but there is a wide
> variety of offerings.
>
> There is an LDAP Pluggable Authentication Module for Linux
> at:
> http://www.padl.com/
> that adds LDAP support to the Linux kernel for user
> authentication and, optionally, registration.

PAM Modules have nothing to do with kernel modules. The kernel
doesn't _care_ about authentication. It works on UIDs only.

Authentication checking is done by userland programs running
at UID 0 and change to the appropriate UID after authentication.

I had the misfortune to read most of Solaris' PAM stuff,
so i know... *sigh*

Clemens
>
> Usual caveats about Linux's 16-bit numeric UIDs exacerbating
> the hell of aligning multiple manufacturers `reserved' UID/GID
> ranges apply.
>
> --
> Glen Turner Network Specialist
> Tel: (08) 8303 3936 Information Technology Services
> Fax: (08) 8303 4400 The University of Adelaide 5005
> Email: glen.turner@adelaide.edu.au South Australia
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/