LinuxGuruz
  • Last 5 Forum Topics
    Replies
    Views
    Last post


The Web Only This Site
  • BOOKMARK

  • ADD TO FAVORITES

  • REFERENCES


  • MARC

    Mailing list ARChives
    - Search by -
     Subjects
     Authors
     Bodies





    FOLDOC

    Computing Dictionary




  • Text Link Ads






  • LINUX man pages
  • Linux Man Page Viewer


    The following form allows you to view linux man pages.

    Command:

    autofs_ldap_auth.conf

    
    
    

    DESCRIPTION

           LDAP  authenticated  binds, TLS encrypted connections and certification
           may be used by setting appropriate values in the autofs  authentication
           configuration  file  and  configuring  the LDAP client with appropriate
           settings.     The    default    location    of     this     file     is
           /etc/autofs_ldap_auth.conf.  If this file exists it will be used to es-
           tablish whether TLS or authentication should be used.
    
           An example of this file is:
    
             <?xml version="1.0" ?>
             <autofs_ldap_sasl_conf
                     usetls="yes"
                     tlsrequired="no"
                     authrequired="no"
                     authtype="DIGEST-MD5"
                     user="xyz"
                     secret="abc"
             />
    
           If TLS encryption is to be used the location of the Certificate Author-
           ity certificate must be set within the LDAP client configuration in or-
           der to validate the server certificate. If, in  addition,  a  certified
           connection  is  to  be used then the client certificate and private key
           file locations must also be configured within the LDAP client.
    
    
    

    OPTIONS

           This files contains a single XML  element,  as  shown  in  the  example
           above, with several attributes.
    
           The possible attributes are:
    
           usetls="yes"|"no"
                  Determines  whether  an  encrypted connection to the ldap server
                  should be attempted.
    
           tlsrequired="yes"|"no"
                  This flag tells whether the ldap connection must  be  encrypted.
                  If  set  to  "yes", the automounter will fail to start if an en-
                  crypted connection cannot be established.
    
           authrequired="yes"|"no"|"autodetect"|"simple"
                  This option tells whether an  authenticated  connection  to  the
                  ldap server is required in order to perform ldap queries. If the
                  flag is set to yes, only sasl authenticated connections will  be
                  allowed.  If  it  is set to no then authentication is not needed
                  for ldap server connections. If it is set to autodetect then the
                  ldap server will be queried to establish a suitable sasl authen-
                  tication  mechanism. If no suitable mechanism can be found, con-
                  nections to the ldap server are made without authentication. Fi-
                  nally, if it is set to simple, then simple  authentication  will
                  be used instead of SASL.
                  are required:
    
                  external_cert="<client certificate path>"
    
                  This  specifies  the path of the file containing the client cer-
                  tificate.
    
                  external_key="<client certificate key path>"
    
                  This specifies the path of the file containing the  client  cer-
                  tificate key.
    
                  These two configuration entries are mandatory when using the EX-
                  TERNAL method as the HOME environment variable cannot be assumed
                  to be set or, if it is, to be set to the location we expect.
    
           user="<username>"
                  This attribute holds the authentication identity used by authen-
                  tication mechanisms that require it.  Legal values for this  at-
                  tribute include any printable characters that can be used by the
                  selected authentication mechanism.
    
           secret="<password>"
                  This attribute holds the secret used  by  authentication  mecha-
                  nisms  that  require it. Legal values for this attribute include
                  any printable characters that can be used by  the  selected  au-
                  thentication mechanism.
    
           encoded_secret="<base64 encoded password>"
                  This attribute holds the base64 encoded secret used by authenti-
                  cation mechanisms that require it. If this entry is  present  as
                  well as the secret entry this value will take precedence.
    
           clientprinc="<GSSAPI client principal>"
                  When  using GSSAPI authentication, this attribute is con-
                  sulted to determine the principal name to  use  when  au-
                  thenticating  to  the  directory server. By default, this
                  will be set to "autofsclient/<fqdn>@<REALM>.
    
           credentialcache="<external credential cache path>"
                  When using GSSAPI authentication, this attribute  can  be
                  used to specify an externally configured credential cache
                  that is used during authentication.  By  default,  autofs
                  will setup a memory based credential cache.
    
    
    

    SEE ALSO

           auto.master(5),
    
    
    

    AUTHOR

           This manual page was written by Ian Kent <raven@themaw.net>.
    
    
  • MORE RESOURCE


  • Linux

    The Distributions





    Linux

    The Software





    Linux

    The News



  • MARKETING






  • Toll Free

webmaster@linuxguruz.com
Copyright © 1999 - 2016 by LinuxGuruz