Index: openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.adp =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.adp,v diff -u -r1.1.2.5 -r1.1.2.6 --- openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.adp 10 Nov 2016 14:51:18 -0000 1.1.2.5 +++ openacs-4/packages/acs-authentication/www/doc/ext-auth-pam-install.adp 20 Jun 2017 06:57:55 -0000 1.1.2.6 @@ -18,7 +18,7 @@ Add PAM support to AOLserver. OpenACS supports PAM support via the PAM AOLserver module. PAM is system of modular support, and can -provide local (unix password), RADIUS, LDAP (more information), and other forms of +provide local (unix password), RADIUS, LDAP (more information), and other forms of authentication. Note that due to security issues, the AOLserver PAM module cannot be used for local password authentication.
-LDAP in PAM. more information +LDAP in PAM. more information
OpenACS supports PAM authetication via the ns_pam module in AOLserver.
Add PAM support to AOLserver. OpenACS supports PAM support via the PAM AOLserver
module. PAM is system of modular support, and can provide
- local (unix password), RADIUS, LDAP (more
+ local (unix password), RADIUS, LDAP (more
information), and other forms of
authentication. Note that due to security issues, the
AOLserver PAM module cannot be used for local password
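Review bot: the paragraph touched by the @@ -18,7 +18,7 @@ hunk warns that "due to security issues, the AOLserver PAM module cannot be used for local password" authentication, but it does not say what the issue is or which authority to use instead. Since the line is being edited anyway, add a sentence or link that names the limitation, so an administrator does not point the PAM domain at local passwords. The surrounding context also has "authetication", "OpenACS supports PAM support" and "PAM is system of modular support", which could be corrected in the same revision.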
@@ -59,7 +59,7 @@
/etc/pam.d/service0
with these contents:
auth sufficient /lib/security/pam_radius_auth.so
Modify the AOLserver configuration file to use - this PAM domain. Edit the line
ns_param PamDomain "service0"
So that the value of the parameter matches the name (just the file name, not the fully pathed name) of the domain file in
/etc/pam.d/
LDAP in PAM. more information
Modify the AOLserver configuration file to support ns_pam.
In + this PAM domain. Edit the line
ns_param PamDomain "service0"
So that the value of the parameter matches the name (just the file name, not the fully pathed name) of the domain file in
/etc/pam.d/
LDAP in PAM. more information
Modify the AOLserver configuration file to support ns_pam.
In
/var/lib/aolserver/service0/etc/config.tcl
, enable the nspam module by uncommenting this line:
ns_param nspam ${bindir}/nspam.so
Install auth-pam OpenACS service package. Install auth-pam
and restart the server.
Create an OpenACS authority. OpenACS supports multiple authentication authorities. The OpenACS server itself is the "Local Authority," used by default.
Browse to the authentication administration page,
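Review bot: the example service file in the context of the @@ -59,7 +59,7 @@ hunk is the single line "auth sufficient /lib/security/pam_radius_auth.so", and the text never says what the stack returns when the RADIUS module fails or cannot be loaded. Suggest documenting the expected deny behaviour explicitly, for example by ending the example stack with an "auth required pam_deny.so" line, and noting that the module directory /lib/security differs between distributions. The module is also called ns_pam in the prose but nspam in "ns_param nspam ${bindir}/nspam.so"; use one spelling or state that the second is the file name.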
Index: openacs-4/packages/acs-authentication/www/doc/xml/install.xml
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-authentication/www/doc/xml/install.xml,v
diff -u -r1.5.14.1 -r1.5.14.2
--- openacs-4/packages/acs-authentication/www/doc/xml/install.xml 21 Apr 2017 15:35:24 -0000 1.5.14.1
+++ openacs-4/packages/acs-authentication/www/doc/xml/install.xml 20 Jun 2017 06:57:55 -0000 1.5.14.2
@@ -22,7 +22,7 @@
Troubleshooting. If you're having trouble figuring out some the values for the ldapm, see this -useful page on setting up Active Directory integration with Bugzilla. +useful page on setting up Active Directory integration with Bugzilla. It explains how distinguished names are defined in Active Directory, and how to test that you have the correct values for connectivity and base DN using the OpenLDAP command-line utility @@ -151,4 +151,4 @@ rightLink="configure-batch-sync" rightLabel="Next" rightTitle="Configure Batch Synchronization" homeLink="index" homeLabel="Home" upLink="ext-auth-install" upLabel="Up"> - \ No newline at end of file + Index: openacs-4/packages/acs-authentication/www/doc/ext-auth-ldap-install.html =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-authentication/www/doc/ext-auth-ldap-install.html,v diff -u -r1.5.14.2 -r1.5.14.3 --- openacs-4/packages/acs-authentication/www/doc/ext-auth-ldap-install.html 21 Apr 2017 15:35:24 -0000 1.5.14.2 +++ openacs-4/packages/acs-authentication/www/doc/ext-auth-ldap-install.html 20 Jun 2017 07:03:40 -0000 1.5.14.3 @@ -65,4 +65,4 @@ set result(auth_status) ok } -
Troubleshooting. If you're having trouble figuring out some the values for the ldapm, see this useful page on setting up Active Directory integration with Bugzilla. It explains how distinguished names are defined in Active Directory, and how to test that you have the correct values for connectivity and base DN using the OpenLDAP command-line utility ldapsearch.John had an issue where nsldap was not loading because AOLServer couldn't find the openldap client libraries, but he was able to fix it by adding the openldap libraries to his LD_LIBRARY_PATH (e.g. /usr/local/openldap/lib)
Credits. Thanks to Malte Sussdorf for his help and the Laboratory of Computer Science at Massachusetts General Hospital for underwriting this work.
Troubleshooting. If you're having trouble figuring out some the values for the ldapm, see this useful page on setting up Active Directory integration with Bugzilla. It explains how distinguished names are defined in Active Directory, and how to test that you have the correct values for connectivity and base DN using the OpenLDAP command-line utility ldapsearch.John had an issue where nsldap was not loading because AOLServer couldn't find the openldap client libraries, but he was able to fix it by adding the openldap libraries to his LD_LIBRARY_PATH (e.g. /usr/local/openldap/lib)
Credits. Thanks to Malte Sussdorf for his help and the Laboratory of Computer Science at Massachusetts General Hospital for underwriting this work.
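Review bot: in the Troubleshooting paragraph of the install.xml @@ -22,7 +22,7 @@ hunk, the changed link line sits in a sentence that reads "figuring out some the values for the ldapm". The sentence is missing "of" and "ldapm" looks like a typo, and both could be fixed while the line is open. In the generated HTML, "ldapsearch.John" runs two sentences together without a space. The LD_LIBRARY_PATH advice gives only the directory (/usr/local/openldap/lib); it would help to say that the variable has to be set in the environment AOLserver is started from.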