From owner-FreeBSD-users-jp@jp.FreeBSD.org Mon Dec 17 11:50:20 2007
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id lBH2oKg00503;
	Mon, 17 Dec 2007 11:50:20 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from sahiro.org (221x117x94x34.ap221.ftth.ucom.ne.jp [221.117.94.34])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with ESMTP/inet id lBH2oK600498
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Mon, 17 Dec 2007 11:50:20 +0900 (JST)
	(envelope-from sahiro@crest.ocn.ne.jp)
Received: from sahiro-work.infoscience.co.jp (fw3.infoscience.co.jp [219.101.133.190])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	(Authenticated sender: ml@sahiro.org)
	by sahiro.org (Postfix) with ESMTP id 76A4717013
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Mon, 17 Dec 2007 11:50:20 +0900 (JST)
From: SASAKI Katuhiro <sahiro@crest.ocn.ne.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
Message-Id: <20071217115018.0e9dd503.sahiro@crest.ocn.ne.jp>
In-Reply-To: <f4b71ddc0712161823p6b20bbd2n5189bb539707b63@mail.gmail.com>
References: <20071216095018.14c5e834.sahiro@crest.ocn.ne.jp>
	<20071216120851.e81490a8.sahiro@crest.ocn.ne.jp>
	<f4b71ddc0712160157q3dc33d0as739a2613000a2f72@mail.gmail.com>
	<20071217042718.9d933149.sahiro@crest.ocn.ne.jp>
	<20071217043118.9b262e81.sahiro@crest.ocn.ne.jp>
	<f4b71ddc0712161823p6b20bbd2n5189bb539707b63@mail.gmail.com>
X-Mailer: Sylpheed 2.4.6 (GTK+ 2.10.14; i686-pc-mingw32)
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Mon, 17 Dec 2007 11:50:18 +0900
X-Sequence: FreeBSD-users-jp 91257
Subject: [FreeBSD-users-jp 91257] Re: OpenLDAP
 =?ISO-2022-JP?B?GyRCJEgbKEI=?= pam_ldap/nss_ldap
 =?ISO-2022-JP?B?GyRCTyI3SCRLJEQkJCRGGyhC?=
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: sahiro@crest.ocn.ne.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+060209

$B!!$5$5$-$G$9!#(B

On Mon, 17 Dec 2007 11:23:43 +0900
"Takayuki Shimizukawa" <shimizukawa@gmail.com> wrote:

> 07/12/17 $B$K(B SASAKI Katuhiro<sahiro@crest.ocn.ne.jp> $B$5$s$O=q$-$^$7$?(B:
> > > $B$"$j$,$H$&$4$6$$$^$9!#$5$C$=$/;H$C$F$_$^$7$?!#(B
> > > > % pamtester login (user) open_session
> > > > pamtester: sucessfully opened a session
> > > >
> > $B!!;H$$J}$*$+$7$+$C$?$G$9$M!#G'>Z$G$"$l$P<!$N$h$&$K$9$k$N$G$7$g$&$+!#(B
> > > % pamtester login (user) authenticate
> > > pamtester: successfully authenticated
> > >
> > $B$d$O$j!"(BPAM$B$O(BOK$B$N$h$&$G$9!#$d$O$j(Bnss$B$G$9$+$M!<!#(B
> 
> pamtester$B$NBh0l0z?t$O(Bservice$BL>$J$N$G!"(B/etc/pam.d/ $B$K$"$k%U%!%$%kL>$r(B
> $B;XDj$7$^$9!#(Blogin$B$O%3%s%=!<%k%m%0%$%sMQ$N@_Dj$G!"(Bssh$BMQ$N@_Dj$O(Bsshd
> $B$J$N$G!"0J2<$N$h$&$K$J$k$H;W$$$^$9!#(B
> % pamtester sshd (user) authenticate
> 
$B!!(Bsshd_config$B$G(BPAM$B$r(Boff$B$K$7$F$$$?$N$G(Blogin$B$G:Q$^$;$^$7$?$,!"$h$/9M$($l$P(B
PAM$B$@$1$G%F%9%H$G$-$k$N$G$9$+$i(Bsshd$B$r;XDj$9$k$Y$-$G$7$?$M!#$H$$$&$3$H$G(B
$B$d$jD>$7!#(B
> % pamtester ssh sahiro authenticate
> pamtester: successfully authenticated
>
$B!!$d$O$j(BPAM$B$OLdBj$"$j$^$;$s$M!#(B


> $B$H$3$m$G!"$&$A$N(B /etc/pam.d/sshd $B$NCf?H$O0J2<$N$h$&$K$J$C$F$$$^$7$?!#(B
> $B;29M$K$J$l$P9,$$$G$9!#(B
> 
> auth            required        pam_nologin.so          no_warn
> auth            sufficient      pam_ldap.so             no_warn try_first_pass
> auth            required        pam_unix.so             no_warn try_first_pass
> 
> account         required        pam_login_access.so
> account         required        pam_unix.so
> 
> session         required        pam_permit.so
> session         optional        pam_ldap.so
> 
> password        required        pam_unix.so             no_warn try_first_pass
> password        required        pam_ldap.so             no_warn try_first_pass
> 
$B!!$&$A$G$O$3$s$J$+$s$8$G$9!#%3%a%s%HItJ,$O<h$j=|$$$F$"$j$^$9!#(B
> auth		required	pam_nologin.so		no_warn
> auth		sufficient	pam_opie.so		no_warn no_fake_prompts
> auth		requisite	pam_opieaccess.so	no_warn allow_local
> auth		sufficient	/usr/local/lib/pam_ldap.so	no_warn try_first_pass
> auth		required	pam_unix.so		no_warn try_first_pass
> 
> account	required	pam_login_access.so
> account	required	pam_unix.so
> 
> session	required	/usr/local/lib/pam_mkhomedir.so
> session	required	pam_permit.so
> 
> password	required	pam_unix.so		no_warn try_first_pass
>
$B!!$7$+$7$^$!!"A0=R$N$h$&$K(BPAM$B;H$C$F$$$J$$$N$G!"$H$j$"$($:$O4X78$N$J$$$H(B
$B$3$m$G$O$"$j$^$9$M!#(B

$B!!0J>e!#$*$D$-$"$$$"$j$,$H$&$4$6$$$^$7$?!#(B
