From owner-FreeBSD-users-jp@jp.FreeBSD.org Mon Dec 17 11:23:50 2007
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id lBH2Noq45291;
	Mon, 17 Dec 2007 11:23:50 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.178])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with ESMTP/inet id lBH2No645286
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 17 Dec 2007 11:23:50 +0900 (JST)
	(envelope-from shimizukawa@gmail.com)
Received: by wa-out-1112.google.com with SMTP id m38so3216758waf.5
        for <FreeBSD-users-jp@jp.freebsd.org>; Sun, 16 Dec 2007 18:23:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        bh=wLqwMY+OK6gRYy914sLzoFXW9gO2fSDLsOz9HVYy1Nk=;
        b=hRGNU22IiQIDY+utY8Le8kUUs6/K1BHtMsTC4smheCBMFautsVCCXFn/R6KApBFf4m2BXc+n9SpbKrwENg6AJpduA6de2CKCDR2HRosyajCtYSDgVGVPq/nWV06AzCHhIW+KUqjd2AlCmO6mvjcabXNg4kVtn2g6nrZXACjlpSg=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=wS3GNO4Toajc93rwPrlI4gD0V6cV5ZMUSVJylxUMKIkcVTH5dWKFsw8Kz6KHxc0YyirnzvzZ/mAldu1edQ5Xo2wDayzvet0Lf9NNyV11t2RO0w5sG9HkIuGq93m0srn2J1+u/UIqks0Mz+V4o6reu4kQG8LctfsI2/df33/g6x4=
Received: by 10.114.210.2 with SMTP id i2mr2731605wag.36.1197858223709;
        Sun, 16 Dec 2007 18:23:43 -0800 (PST)
Received: by 10.114.208.16 with HTTP; Sun, 16 Dec 2007 18:23:43 -0800 (PST)
Message-ID: <f4b71ddc0712161823p6b20bbd2n5189bb539707b63@mail.gmail.com>
From: "Takayuki Shimizukawa" <shimizukawa@gmail.com>
To: FreeBSD-users-jp@jp.FreeBSD.org
In-Reply-To: <20071217043118.9b262e81.sahiro@crest.ocn.ne.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <20071216095018.14c5e834.sahiro@crest.ocn.ne.jp>
	 <20071216120851.e81490a8.sahiro@crest.ocn.ne.jp>
	 <f4b71ddc0712160157q3dc33d0as739a2613000a2f72@mail.gmail.com>
	 <20071217042718.9d933149.sahiro@crest.ocn.ne.jp>
	 <20071217043118.9b262e81.sahiro@crest.ocn.ne.jp>
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Mon, 17 Dec 2007 11:23:43 +0900
X-Sequence: FreeBSD-users-jp 91255
Subject: [FreeBSD-users-jp 91255] Re: OpenLDAP
 =?ISO-2022-JP?B?GyRCJEgbKEI=?= pam_ldap/nss_ldap
 =?ISO-2022-JP?B?GyRCTyI3SCRLJEQkJCRGGyhC?=
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: shimizukawa@gmail.com
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+060209

$B@6?e@n$G$9!#(B

07/12/17 $B$K(B SASAKI Katuhiro<sahiro@crest.ocn.ne.jp> $B$5$s$O=q$-$^$7$?(B:
> > $B$"$j$,$H$&$4$6$$$^$9!#$5$C$=$/;H$C$F$_$^$7$?!#(B
> > > % pamtester login (user) open_session
> > > pamtester: sucessfully opened a session
> > >
> $B!!;H$$J}$*$+$7$+$C$?$G$9$M!#G'>Z$G$"$l$P<!$N$h$&$K$9$k$N$G$7$g$&$+!#(B
> > % pamtester login (user) authenticate
> > pamtester: successfully authenticated
> >
> $B$d$O$j!"(BPAM$B$O(BOK$B$N$h$&$G$9!#$d$O$j(Bnss$B$G$9$+$M!<!#(B

pamtester$B$NBh0l0z?t$O(Bservice$BL>$J$N$G!"(B/etc/pam.d/ $B$K$"$k%U%!%$%kL>$r(B
$B;XDj$7$^$9!#(Blogin$B$O%3%s%=!<%k%m%0%$%sMQ$N@_Dj$G!"(Bssh$BMQ$N@_Dj$O(Bsshd
$B$J$N$G!"0J2<$N$h$&$K$J$k$H;W$$$^$9!#(B
% pamtester sshd (user) authenticate

$B$H$3$m$G!"$&$A$N(B /etc/pam.d/sshd $B$NCf?H$O0J2<$N$h$&$K$J$C$F$$$^$7$?!#(B
$B;29M$K$J$l$P9,$$$G$9!#(B

auth            required        pam_nologin.so          no_warn
auth            sufficient      pam_ldap.so             no_warn try_first_pass
auth            required        pam_unix.so             no_warn try_first_pass

account         required        pam_login_access.so
account         required        pam_unix.so

session         required        pam_permit.so
session         optional        pam_ldap.so

password        required        pam_unix.so             no_warn try_first_pass
password        required        pam_ldap.so             no_warn try_first_pass


-- 
$B@6?e@n(B.jp
