pam_ldap

The pam_ldap module provides the means for Solaris and Linux servers and workstations to authenticate against LDAP directories, and to change their passwords in the directory.

Key Benefits

• Uses the Pluggable Authentication Module API defined in OSF DCE RFC 86.0.
• Can utilize transport layer security (such as SSL or TLS) to encrypt transactions between the workstation and the LDAP server and provide strongly authenticated sign-on
• Support for SASL interactive authentication for strong authentication without the overhead of SSL/TLS
• Shares configuration information with nss_ldap module
• Supports PADL NIS/LDAP Gateway locator for finding LDAP servers
• Supports Netscape and IETF password policies
• Supports host- and group-based logon authorization

Requirements

The pam_ldap module supports the following platforms:

• AIX 5L
• FreeBSD 3.x and above
• HP-UX 11i
• Linux
• Mac OS X 10.2 and above
• Solaris 2.6 and above

In addition, pam_ldap requires an LDAP client library, and (optionally) a SASL library compatible with the Cyrus SASL API.

Availability

The software is distributed under the terms of the GNU Lesser General Public License. Please familiarize yourself with the license before downloading the software. Alternative licenses are available through our relicensing program.

The current version is available by FTP, or HTTP.