HylaFAX The world's most advanced open source fax server

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [hylafax-users] hylafax and ldap.



Giuseppe Sacco wrote:

with this setup I have some success and some failure, dependent from the
os system and the hylafax version.


I've fixed the PAM support in HylaFAX+ 5.0.2.


The nature of the problems would usually cause PAM authentication to fail, however, in some PAM implementations the problems were not a problem... so OpenPAM users may have been okay with PAM the way it was while Linux users would not. And, in past HylaFAX versions there were some major issues that caused authentication to succeed if PAM was merely attempted... despite the result of the PAM calls. So that's why you see the success and failure as you have. PAM with 5.0.2 should be fine now... works for me at least with pam_unix.so.

Dealing with PAM, but off the topic of this thread... The design of allowing users to authenticate with PAM *or* hosts.hfaxd makes it impossible for hfaxd to turn full authentication control over to PAM... which means that exotic pam usage (like fingerprint scanners or retina scanners ... or anything that's not similar to the traditional HylaFAX login method) will probably not work quite right. In order to get these to work we'd need to add a "disable hosts.hfaxd authentication" feature and then recode the PAM support for that situation to turn full control over to PAM. Authentication with things like ldap, sql, passwd, shadow, etc., should work fine now, though.

Lee.

____________________ HylaFAX(tm) Users Mailing List _______________________
 To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
 *To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*




Project hosted by iFAX Solutions