From owner-FreeBSD-users-jp@jp.FreeBSD.org Mon Dec 17 04:27:22 2007
From: SASAKI Katuhiro <sahiro@crest.ocn.ne.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
Message-Id: <20071217042718.9d933149.sahiro@crest.ocn.ne.jp>
In-Reply-To: <f4b71ddc0712160157q3dc33d0as739a2613000a2f72@mail.gmail.com>
References: <20071216095018.14c5e834.sahiro@crest.ocn.ne.jp>
	<20071216120851.e81490a8.sahiro@crest.ocn.ne.jp>
	<f4b71ddc0712160157q3dc33d0as739a2613000a2f72@mail.gmail.com>
X-Mailer: Sylpheed 2.4.7 (GTK+ 2.10.14; i686-pc-mingw32)
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Mon, 17 Dec 2007 04:27:18 +0900
X-Sequence: FreeBSD-users-jp 91252
Subject: [FreeBSD-users-jp 91252] Re: Integrating OpenLDAP with
 pam_ldap/nss_ldap
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: sahiro@crest.ocn.ne.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+060209

This is Sasaki. Thank you for the reply.

On Sun, 16 Dec 2007 18:57:38 +0900
"Takayuki Shimizukawa" <shimizukawa@gmail.com> wrote:

> As an example that works, here is our configuration.
> 
> OS:
>     FreeBSD 5.3-Security
> LDAP$B4XO"%Q%C%1!<%8(B:
>     openldap-client-2.2.30
>     openldap-server-2.2.30
>     pam_ldap-1.8.2
>     nss_ldap-1.251_1
> 
> /usr/local/etc/nss_ldap.conf
>     host 127.0.0.1
>     uri ldap://127.0.0.1/
>     base dc=example,dc=com
>     scope sub
>     rootbinddn cn=Manager,dc=example,dc=com
> 
I'll use that as a reference. OpenLDAP is the latest stable 2.4 series
here, so I wonder whether a regression has crept in. I don't really
think that's the case, though.
Also, is it better to use rootbinddn? The root user's information is in
/etc/passwd, so I thought an anonymous bind would basically be fine.

> The difference from Sasaki-san's configuration is probably that I
> don't use ldapi:// in the uri. I seem to recall that ldapi (socket
> connection) didn't work for me either, so I changed it to ldap://.
> 
$B!!(B"ldap://"$B$KJQ99$7$F$_$^$7$?$,!"$I$&$K$b$&$^$/$$$C$F$$$J$$$h$&$G$9!#$&(B
$B!A$s!D!D!#(B

> # As an aside, pamtester is handy for verifying PAM.
>
$B!!$"$j$,$H$&$4$6$$$^$9!#$5$C$=$/;H$C$F$_$^$7$?!#(B
> % pamtester login (user) open_session
> pamtester: sucessfully opened a session
>
So the PAM side appears to be fine.
# If I'm using it incorrectly, I'd appreciate it if you could point that out.

That's all. Thank you very much.
