pam_ldap_go

please be note, this will work with any ldap server that uses ssl/tls

the cert of remote ldap server will be verified with system root CA

configure

DirectBindAuth: false/true

true:

steps: bind -> success

false:

steps: bind -> search -> bind -> success

toggling ture means it will bind authuser directly for auth

without requiring binduser/bindpass for search then bind authuser

toggleing false means regular binding auth process

ObjectClass/BindDN/BindPW options are only used for filtering search (DirectBindAuth=false)

Insecure: false/true

false will make it not check the remote cert

params it can take

auth        sufficient    pam_ldap_go.so  config=/etc/pam_ldap.yaml <-default location
account     required      pam_ldap_go.so  skipValidate <- this will force account validation to pass

how to compile

go build -buildmode=c-shared -o /lib64/security/pam_ldap_go.so main.go

License

BSD

thanks for

github.com/zro/pam

this is mostly helpful for writing a pam module in golang

Name		Name	Last commit message	Last commit date
Latest commit History 14 Commits
vendor		vendor
Gopkg.lock		Gopkg.lock
Gopkg.toml		Gopkg.toml
README.md		README.md
config.yaml		config.yaml
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

pam_ldap_go

configure

DirectBindAuth: false/true

Insecure: false/true

params it can take

how to compile

License

thanks for

About

Releases

Packages

Languages

cxfcxf/pam_ldap_go

Folders and files

Latest commit

History

Repository files navigation

pam_ldap_go

configure

DirectBindAuth: false/true

Insecure: false/true

params it can take

how to compile

License

thanks for

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages