[tac_plus] linux pam and ldap - or just linux pam

Asif Iqbal vadud3 at gmail.com
Mon Aug 5 19:54:05 UTC 2013

This is how we setup our tac_plus with libpam_ldap on ubuntu

# sudo apt-get install build-essential libpam0g-dev gcc flex bison
 libwrap0-dev libpam-ldap
# (compile tac_plus and it should find pam libraries)

# cat /etc/pam.d/tac_plus
auth   sufficient        pam_ldap.so

# cat /etc/tacacs.conf
user = foo {
        login = PAM
        member = bar

# cat /etc/ldap.conf
base ou=People,dc=example,dc=com
uri  ldaps:// ldaps://
ldap_version 3
binddn uid=mybinduid,ou=people,dc=example,dc=com
bindpw secret
pam_password crypt

# cat /etc/ldap/ldap.conf
TLS_CACERT /etc/ssl/certs/company.cer

Hopefully I did not miss anything.

On Sun, Aug 4, 2013 at 12:28 PM, heasley <heas at shrubbery.net> wrote:

> If you're a user of tac_plus on linux with pam, I'd like to see your pam
> configuration to add to documentation to help others.  I do not use linux
> or ldap, but others request configuration help often.  TIA.

> _______________________________________________
> tac_plus mailing list
> tac_plus at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus

Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20130805/e22258d2/attachment.html>

More information about the tac_plus mailing list