Index: openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.html =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.html,v diff -u -r1.6 -r1.7 --- openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.html 7 Aug 2017 23:47:46 -0000 1.6 +++ openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.html 3 Sep 2024 15:37:30 -0000 1.7 @@ -1,4 +1,4 @@ -
OpenACS supports PAM authetication via the ns_pam module in AOLserver.
Add PAM support to AOLserver. OpenACS supports PAM support via the PAM AOLserver +
OpenACS supports PAM authentication via the ns_pam module in AOLserver.
Add PAM support to AOLserver. OpenACS supports PAM support via the PAM AOLserver
module. PAM is system of modular support, and can provide
local (unix password), RADIUS, LDAP (more
information), and other forms of
@@ -59,10 +59,10 @@
/etc/pam.d/service0
with these contents:
auth sufficient /lib/security/pam_radius_auth.so
Modify the AOLserver configuration file to use - this PAM domain. Edit the line
ns_param PamDomain "service0"
So that the value of the parameter matches the name (just the file name, not the fully pathed name) of the domain file in
/etc/pam.d/
LDAP in PAM. more information
Modify the AOLserver configuration file to support ns_pam.
In + this PAM domain. Edit the line
ns_param PamDomain "service0"
So that the value of the parameter matches the name (just the filename, not the fully pathed name) of the domain file in
/etc/pam.d/
LDAP in PAM. more information
Modify the AOLserver configuration file to support ns_pam.
In
/var/lib/aolserver/service0/etc/config.tcl
, enable the nspam module by uncommenting this line:
ns_param nspam ${bindir}/nspam.so
Install auth-pam OpenACS service package. Install auth-pam
and restart the server.
Create an OpenACS authority. OpenACS supports multiple authentication authorities. The OpenACS server itself is the "Local Authority," used by default.
Browse to the authentication administration page,
http://yourserver/acs-admin/auth/
.
- Create and name an authority (in the sitewide admin UI)
Set Authentication to PAM.
If the PAM domain defines a password
command, you can set Password Management to PAM. If not, the PAM module cannot change the user's password and you should leave this option Disabled.
Leave Account Registration disabed.
Configure Batch Synchronization + Create and name an authority (in the sitewide admin UI)
Set Authentication to PAM.
If the PAM domain defines a password
command, you can set Password Management to PAM. If not, the PAM module cannot change the user's password and you should leave this option Disabled.
Leave Account Registration disabled.