Forum OpenACS Q&A: Re: nsldap with bind support

Posted by Gustaf Neumann on
If you have a chance i would recommend to use PAM (Pluggable Authentication Modules) in connection with the naviserver module nsauthpam written by Vlad Seryakov. PAM allows one to define a hierarchy of different authentication systems. PAM modules (such as pam_ldap, pam_usb, pam_smb, pam_ssh or pam_krb5) are available for many operating system (we use pam_krb5).

The module nsauthpam is implemented for naviserver and uses naviserver's nice API for Tcl argument passing. Victor Guerra has altered argument passing to the good old manual way to compile the module for aolserver as well. If there is interest, we can make this available.


Posted by Malte Sussdorff on
We are running into the issue of no bind support now a couple of times and are about to patch the Debian aolserver4-nsldap package to include the bind command. Has maybe anyone else done this already?

But as you recomment using nsauthpam, do you have the code to get this working in AOLserver somewhere so we could compile nsauthpam? Is there documentation for this?

Posted by Victor Guerra on
Let me look for the code and I'll upload it to the file-storage so you can have it.