Pluggable Authentication Methods - Working With Oracle® Solaris 11.2 Directory and Naming Services: LDAP

Working With Oracle^® Solaris 11.2 Directory and Naming Services: LDAP

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Working With Oracle^® Solaris ... » LDAP and Authentication Service » Pluggable Authentication Methods

Updated: July 2014

Working With Oracle^® Solaris 11.2 Directory and Naming Services: LDAP

Document Information

Using This Documentation

Chapter 1 Introduction to the LDAP Naming Service

Chapter 2 LDAP and Authentication Service

LDAP Naming Services Security Model

Client Credential Levels

Authentication Methods for the LDAP Naming Service

Pluggable Authentication Methods

LDAP Account Management

Example pam_conf File Using the pam_ldap Module for Account Management

Chapter 3 Planning Requirements for LDAP Naming Services

Chapter 4 Setting Up Oracle Directory Server Enterprise Edition With LDAP Clients

Chapter 5 Setting Up LDAP Clients

Chapter 6 Troubleshooting LDAP

Chapter 7 LDAP Naming Service (Reference)

Chapter 8 Transitioning From NIS to LDAP

Language:

Pluggable Authentication Methods

With the PAM framework, you can choose among several authentication services, including the pam_unix_*, pam_krb5, and pam_ldap_* modules.

To use per-user authentication, you must enable pam_krb5. However, you can still use pam_krb5 authentication even if you do not assign the per-user credential level. If proxy or anonymous credential levels are used to access directory server data, then you cannot restrict access to directory data on a per-user basis.

If you choose anonymous or proxy authentication, use the pam_ldap module instead of the equivalent pam_unix_* modules. The pam_ldap module is more flexible, supports stronger authentication methods, and can perform account management.

Copyright © 2002, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices