Differences

This shows you the differences between two versions of the page.

--- linux:arch_ad_backend [2016/10/19 23:04]
walter [Packages]
+++ linux:arch_ad_backend [2018/06/11 17:25]
bmiddha
@@ Line 9: / Line 9: @@
 pam-krb5
-acm-pam ([[linux:acm_custom_repo|acm repo]])
-acm-admins-sudo ([[linux:acm_custom_repo|acm repo]])
 ====== Configs ======
 ===== Kerberos =====
-<file|krb5.conf>
+<file|/etc/krb5.conf>
 [libdefaults]
         default_realm = ACM.CS
@@ Line 41: / Line 38: @@
 **Make sure nslcd.conf can only be read by root**
-<file|nslcd.conf>
+<file|/etc/nslcd.conf>
 uid nslcd
 gid nslcd
@@ Line 86: / Line 83: @@
 Edit the passwd, shadow, and group lines to this
-<file|nsswitch.conf>
+<file|/etc/nsswitch.conf>
 passwd: files ldap [NOTFOUND=return]
 shadow: files ldap [NOTFOUND=return]
@@ Line 101: / Line 98: @@
 To give admins sudo
-<file|sudoers>
+<file|/etc/sudoers.d/AcmLanAdmins>
 %AcmLanAdmins ALL=(ALL) ALL
 </file>
-===== PAM =====
+<file|/etc/pam.d/system-auth>
+auth      sufficient pam_ldap.so
+auth      required  pam_unix.so     try_first_pass nullok
+auth      optional  pam_permit.so
+auth      required  pam_env.so
-These files are in /etc/pam.d
+account   sufficient pam_ldap.so
+account   required  pam_unix.so
+account   optional  pam_permit.so
+account   required  pam_time.so
-Force install acm-pam
+password  sufficient pam_ldap.so
-<code>
+password  required  pam_unix.so     try_first_pass nullok sha512 shadow
-pacman -S --force acm-pam
+password  optional  pam_permit.so
-</code>
-This will install a working PAM stack for auth against the ACM AD domain
+session   required  pam_limits.so
+session   required  pam_unix.so
+session   optional  pam_ldap.so
+session   optional  pam_permit.so
+</file>

UIC ACM

User Tools

Site Tools

Differences

Page Tools