From owner-FreeBSD-users-jp@jp.FreeBSD.org Mon Apr 15 14:53:33 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g3F5rX671170;
	Mon, 15 Apr 2002 14:53:33 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from t-webmail1.odn.ne.jp (webmail1.odn.ne.jp [143.90.185.15])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g3F5rX471165
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Mon, 15 Apr 2002 14:53:33 +0900 (JST)
	(envelope-from unknown@pop02.odn.ne.jp)
Received: from [127.0.0.1] by t-webmail1.odn.ne.jp with SMTP
          id <20020415055332539.YYX.15336.t-webmail1.odn.ne.jp@webmail1.odn.ne.jp>
          for <FreeBSD-users-jp@jp.FreeBSD.org>;
          Mon, 15 Apr 2002 14:53:32 +0900
From: <unknown@pop02.odn.ne.jp>
To: <FreeBSD-users-jp@jp.FreeBSD.org>
Date: Mon, 15 Apr 2002 14:53:32 +0900
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <20020415055332539.YYX.15336.t-webmail1.odn.ne.jp@webmail1.odn.ne.jp>
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+020409
X-Sequence: FreeBSD-users-jp 68076
Subject: [FreeBSD-users-jp 68076] OpenLDAP =?ISO-2022-JP?B?GyRCJHIbKEI=?=
 NIS =?ISO-2022-JP?B?GyRCQmUkbyRqJEs7SCQkJD8kJBsoQg==?= 
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: unknown@pop02.odn.ne.jp

$B@686$H?=$7$^$9!#(B
$B8=:_<+Bp$K%M%C%H%o!<%/4D6-$b$J$/!"(B
$B=P@h$+$i$N(Bweb$B%a!<%k$J$N$G!"(B
$B$*$+$7$$$H$3$m$b$"$k$H;W$$$^$9$,$*5v$7$/$@$5$$!#(B


$B8=:_<+Bp$G(BFreeBSD 4.5-RELEASE$B$K!"(B
package$B$N(BOpenLDAP-2.0.23
ports/security/pam_ldap
$B$r%$%s%9%H!<%k$7$F(BLDAP$B$GG'>Z$7$h$&$H;W$C$?$N$G$9$,!"(B
$B;d$N0U?^$7$F$$$k$h$&$K$OF0$$$F$/$l$:$K:$$C$F$*$j$^$9!#(B

$B;d$H$7$F$O0lHL%f!<%6$N%"%+%&%s%H$r!"$9$Y$F(BLDAP$BFb$K;}$?$;$F!"(B
$B<+Bp(BLAN$BFb$N$I$N%^%7%s$G$bF1$8%f!<%6$r;H$($k$h$&$K!"(B
$B$D$^$j(BNIS$B$NBe$o$j$r$5$;$h$&$H;W$C$?$N$G$9!#(B

$B$7$+$7!"8=;~E@$G$O(Blogin$B$,G'>Z$O9T$C$F$/$l$k$N$G$9$,!"$=$N8e(B
LDAP$B$,(B($B3N$+!&!&!&!K(B
error trying to bind as user 
"uid=hoge,ou=People,dn=foo,dn=jp" (Invalid credentials).
$B$N$h$&$K8@$C$F$-$F(Blogin$B$,$G$-$^$;$s!#(B

$B$?$a$7$K(B/etc/passwd$B$K(Bhoge$B$N%"%+%&%s%H$r:n$C$F$+$i(B
LDAP$B$N%Q%9%o!<%I$G(Blogin$B$9$k$H%m%0%$%s$G$-$^$7$?!#(B

UNIX$B!!(BUSER$B!!#17n9f$r;29M$K$7$J$,$i9T$C$F$$$^$9!#!"(B
$B%"%+%&%s%H$r(BLDAP$BFb$K:n$l$P!"(B/etc/passwd$B$KL5$/$F$b(B
$B%m%0%$%s$G$-$k$h$&$K<u$1<h$l$?$N$G$9$,!"(B
$B;d$N4*0c$$$J$N$G$7$g$&$+!)(B
$B$=$l$H$b(BFreeBSD 4.5-RELEASE$B$G$OBP1~$7$F$$$J$$$N$G$7$g$&$+!)(B
$B$=$l$H$b@_Dj$,$A$,$C$F$$$k$N$G$7$g$&$+!)(B


$B9T$C$?$3$H$O(B
$BA0=R$N#2$D$N%$%s%9%H!<%k(B
$B<!$K(B/usr/local/etc/openldap/slapd.conf$B$NJT=8(B
-------------------------------
# NOTE(review): slapd configuration as posted. Loads the core, cosine and nis
# schemas; nis.schema supplies the posixAccount/shadowAccount object classes
# used by the user entry later in this message.
include		/usr/local/etc/openldap/schema/core.schema
include		/usr/local/etc/openldap/schema/cosine.schema
include		/usr/local/etc/openldap/schema/nis.schema

pidfile		/var/run/slapd.pid
argsfile	/var/run/slapd.args

# A single ldbm-backed database serving the dc=foo,dc=jp subtree.
database	ldbm
suffix		"dc=foo,dc=jp"
# NOTE(review): rootdn/rootpw define the directory superuser, and the password
# is stored in cleartext here. slapd also accepts a hashed rootpw value (as
# produced by slappasswd); whichever form is used, this file should be readable
# only by the account slapd runs as.
rootdn		"cn=Manager,dc=foo,dc=jp"
rootpw		hogehoge
directory	/var/db/openldap-ldbm
index	objectClass	eq
# NOTE(review): no "access" directives appear in this excerpt. If this is the
# whole file, slapd falls back to its default policy, which (to be confirmed
# for this version) grants read access to every client, anonymous ones
# included, so userPassword values would be readable over the network. An ACL
# limiting userPassword to the entry owner and to bind-time auth is normally
# added before credentials are stored in the directory.
----------------------------------

/usr/local/etc/rc.d/slapd.sh start
$B$H$7$F(Bslapd$B$N5/F0(B

/usr/local/etc/ldapd.conf$B$NJT=8(B(pam_ldap$BIUB0(B)
----------------------------------
# pam_ldap client settings as posted: LDAP server on loopback, searches rooted
# at dc=foo,dc=jp.
# NOTE(review): no bind DN, search filter or TLS setting is shown, so lookups
# presumably run anonymously over plain LDAP. That is tolerable only while the
# server is on the same host; confirm before pointing "host" at another machine.
# NOTE(review): the poster names this file ldapd.conf. Verify that this is the
# path the installed pam_ldap actually reads (commonly ldap.conf); if it is
# not, these settings are silently ignored.
host 127.0.0.1
base dc=foo, dc=jp
---------------------------------

pam_ldap$B%$%s%9%H!<%k;~$K$$$o$l$k$^$^$K(B
/etc/pam.conf$B$r=$@5(B
------------------------------
# Auth stack for the "login" service; entries are evaluated top to bottom.
# NOTE(review): pam_cleartext_pass_ok presumably belongs with the S/Key module
# above (deciding whether a plain password may be used at all); confirm against
# the module's own documentation.
login	auth	sufficient	pam_skey.so
login	auth	requisite	pam_cleartext_pass_ok.so
#login	auth	sufficient	pam_kerberosIV.so		try_first_pass
# pam_ldap is "sufficient": a successful LDAP bind ends the auth phase here,
# and a failure falls through to pam_unix, which retries the same password.
# NOTE(review): PAM only verifies the password. login still needs a passwd
# entry (uid, home directory, shell) from the system account database, which is
# consistent with the poster's observation that login succeeds once hoge exists
# in /etc/passwd. Serving that data from LDAP requires a name-service backend,
# which is separate from pam_ldap.
login	auth	sufficient	/usr/local/lib/pam_ldap.so
login	auth	required	pam_unix.so			try_first_pass
--------------------------------------

ldif$B%U%!%$%k$r:n@.(B
-----------------------------------
# Base entries as posted: the dc=foo,dc=jp suffix entry, the Manager role whose
# DN matches rootdn in slapd.conf, and the ou=User container for accounts.
# NOTE(review): accounts are placed under ou=User here, while the error quoted
# earlier in the message names ou=People (the poster says it is quoted from
# memory). Confirm which container the client really searches.
dn: dc=foo,dc=jp
objectclass: dcObject
objectclass: organization
o: Fool Organization
dc: foo

dn: cn=Manager,dc=foo,dc=jp
objectclass: organizationalRole
cn: Manager

dn: ou=User,dc=foo,dc=jp
ou: user
objectclass: organizationalUnit
-----------------------------------

$B%f!<%6$N(Bldif$B%U%!%$%k$r:n@.(B
-------------------------------
# posixAccount/shadowAccount entry for the test user hoge under ou=User.
# NOTE(review): userPassword is loaded as a cleartext string. Prefer a hashed
# value (for example an {SSHA} string generated with slappasswd), and make sure
# the slapd ACLs prevent other clients from reading this attribute.
dn: uid=hoge,ou=User,dc=foo,dc=jp
uid: hoge
objectclass: posixAccount
objectclass: shadowAccount
uidNumber: 1001
gidNumber: 1001
gecos: System Administrator
homeDirectory: /usr/home/hoge
loginShell: /bin/csh
cn: hoge
userPassword: hogehoge
shadowLastChange: 10953
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
--------------------------------

$B$3$l$G%m%0%$%s$7$h$&$H$9$k$H(B
$B:G=i$K?=$7>e$2$?$h$&$J%(%i!<$,=P$k$N$G!"(B
$B0J2<$N$h$&$K(B/etc/pam.conf$B$KDI2C(B
-------------------------------------
# account/password/session stacks the poster added for the "login" service.
# account: pam_ldap is "sufficient", so when its check succeeds the stack
# returns before pam_unix runs; a failure falls through to pam_unix.
# NOTE(review): this means an LDAP user who passes pam_ldap's account check is
# never subjected to pam_unix's local account checks. Confirm that is intended.
login	account	sufficient	/usr/local/lib/pam_ldap.so
login	account	required	pam_unix.so
# password/session: pam_permit always reports success, so these two stacks
# never block a login even when pam_ldap fails.
login	password sufficient	/usr/local/lib/pam_ldap.so
login	password required	pam_permit.so
login	session sufficient	/usr/local/lib/pam_ldap.so
login	session	required	pam_permit.so
-------------------------------------

これでできると思っていたのですが、
何も変わらないままなのです。

どこかおかしいところがあるのでしょうか？


$B$^$?!"(B
$B%"%+%&%s%H$N4IM}$r$7$F$$$k$N$,(Baccount$B$H=q$$$F$"$k9T$G!"(B
required$B$OG'>Z$K<:GT$7$F$b(B(pam.conf$B$N(B)$B<!$N%i%$%s$K$$$/!#(B
sufficient$B$O@.8y$7$F$b(Brequired$B$G<:GT$7$F$$$k$H$@$a!#(B
requisite$B$O<:GT$9$k$HB(=*N;(B
try_first_pass$B$O:G=i$NG'>Z$K;H$C$?%Q%9%o!<%I$GG'>Z$7(B
$B<:GT$9$k$H:FEY2hLL$KF~NO$r5a$a$kI=<($r=P$9!#(B
$B$H$$$&Iw$K!";d$NF,$OG'<1$7$F$$$k$N$G$9$,!"(B
login	account	required	/usr/local/lib/pam_ldap.so
login	account	required	pam_unix.so
$B$H$9$k$H(B/etc/passwd$B$KDj5A$5$l$F$$$k%f!<%6$b(B
$B%m%0%$%s$G$-$J$/$J$C$F$7$^$&$N$G$9!#(B
$B$3$l$b$J$K$+4V0c$C$F$$$^$9$G$7$g$&$+!)(B

pam_cleartext_pass_ok.so　というのは何をするのでしょうか？

どうかよろしくお願いいたします。


清原高志
unknown@pop02.odn.ne.jp



