diff options
| -rw-r--r-- | README | 38 |
1 files changed, 38 insertions, 0 deletions
@@ -0,0 +1,38 @@ +pam_propperpwnam + +A PAM module that uses the entered login name as key to +query the password database configured through nsswitch.conf +and replaces the login name with what has been returned. + +On the typical system this module performs an identity transform. +The main usage scenario are systems in networks where a user name +is used in several distinct authentication systems, some of them +being case sensitive and others not. For example the main system +may do case insensitive username lookups, while the workstations +are case sensitive. In such environments users are often puzzeled +about a username working in one situation does not work in another. +Actually this module has been written for this very reason. + +CONFIGURATION + +pam_propperpwnam.so needs no configuration except adding it as "optional" +early in in the list of PAM modules executed for user authentication. +A good place in most distributions is /etc/pam.d/common-auth + +Example configuration, authentication with rewritten username against +Kerberos5 infrastructure: + + auth [success=done new_authtok_reqd=done default=ignore] pam_unix.so + auth optional pam_propperpwnam.so + auth required pam_krb5.so use_first_pass forwardable + auth required pam_permit.so + auth optional pam_group.so + +BUGS AND ISSUES + +Probably there are some, but they are not known yet. + +AUTHOR + +Wolfgang Draxinger, Wolfgang.Draxinger@physik.uni-muenchen.de + |