Chapter 4 System Configuration
© 2017 Harmonic Inc. All rights reserved. 147 Harmonic MediaGrid Release 4.1
Authentication configuration parameters
Authentication configuration parameters
When you choose an authentication type you need to make sure that all of your system
authentication points (nsswitch.conf, PAM, Samba, mdscore, etc) are referring to the same
configuration.
Active Directory
/etc/pam.d/mdscore
auth required pam_ldap.so
account required pam_ldap.so
session required pam_ldap.so
password required pam_ldap.so
/etc/nsswitch.conf
passwd: compat ldap
group: compat ldap
shadow: compat ldap
Open Directory
/etc/pam.d/mdscore
auth required pam_ldap.so
account required pam_ldap.so
session required pam_ldap.so
password required pam_ldap.so
/etc/nsswitch.conf
passwd: compat ldap
group: compat ldap
shadow: compat ldap
LDAP
This PAM configuration for mdscore accounts for the identical (local files then LDAP) ordering. In
either order, the ability for the first to provide faulty information overwriting the second is possible.
CAUTION: You must have unique users and groups between your authentication server and MediaGrid
components to prevent faulty information overwriting.
auth sufficient pam_unix.so
auth required pam_ldap.so
account sufficient pam_unix.so
account required pam_ldap.so
session sufficient pam_unix.so
session required pam_ldap.so
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password required pam_ldap.so
To Next Page
Loading...
