Re: pam_opensc auth_method=pkcs15-eid

Dominik Fischer wrote:
> Hello @all,
> I want to use pam_opensc to authentificate against an LDAP-Server:
>
> - What must be stored in LDAP? I think this is the "PEM encoded
> certificate"
> like in auth_method=pkcs15-eid, correct ?

#auth        required     pam_opensc.so auth_method=pkcs15-ldap

gregor

card "FH-GE-FB8-CERT OpenSC Project" {
        ldap "auth certificate" {
                ldaphost  = "localhost"
                ldapport  = 389
                scope     = 1
                binddn    = "cn=admin,dc=peggy-blue,dc=lab"
                passwd    = dummy
                base      = "ou=user,dc=peggy-blue,dc=lab"
                filter    = "(cn=%s)";
                attributes = "userCertificate"
        }
        ldap "ca certificate" {
                ldaphost = "localhost";
                ldapport = 389;
                scope = 1;
                binddn    = "cn=admin,dc=peggy-blue,dc=lab"
                passwd    = dummy
                base      = "ou=rootca,dc=peggy-blue,dc=lab"
                filter    = "(cn=rootca)";
                attributes = cACertificate;
        }
        ldap "crl" {
                ldaphost = "localhost";
                ldapport = 389;
                scope = 1;
                binddn    = "cn=admin,dc=peggy-blue,dc=lab"
                passwd    = dummy
                base      = "ou=rootca,dc=peggy-blue,dc=lab"
                filter    = "(cn=rootca)";
                attributes = certificateRevocationList;
        }
}

_______________________________________________
OpenSC-devel mailing list
OpenSC-devel@xxxxxxxxxx
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-devel