[cups.general] Re: User-Authentikation with ldap instead of lppasswd?
Stefan-Michael. Günther (in-put GbR)
S.Guenther at in-put.de
Sun Sep 19 09:34:30 PDT 2004
Hi Michael,
> > is it possible to perform the user authentikation via ldap instead of
> > lppasswd? I tried this by modifying /etc/pam.d/cups, but got no entry
> > in the logfiles of openldap.
>
> As long as CUPS is linked against the PAM libraries, it should use
> the LDAP accounts for Basic authentication.
>
ldd /usr/sbin/cupsd
...
libpam.so.0 => /lib/libpam.so.0 (0x40140000)
...
Look's good.
And as far as I understood PAM, modifiy /etc/pam.d/cups the following way
auth required pam_unix2.so nullok use_ldap
account required pam_unix2.so use_ldap
should result in a request to the LDAP-Server which was entered in
/etc/ldap.conf. I also changed /etc/nsswitch:
passwd: ldap files
shadow: ldap files
group: ldap files
> That said, you'll still need to manage group memberships via
> /etc/group since CUPS does not currently support user and group
> lookups from LDAP, only from the system files and lppasswd.md5.
>
Hm, to be honest, now I'm a little bit confused: Together with PAM it's
possible, but this sounds to me as if it's not possible. (??)
Stefan
--
*****************************************
in-put GbR - Das Linux-Systemhaus
Stefan-Michael Günther
Moltkestraße 49 D-76133 Karlsruhe
Tel./Fax : +49 (0)721 / 83044 - 98/93
http://www.in-put.de
*****************************************
More information about the cups
mailing list