pam_opendirectory.8 [plain text]
.\" Copyright (c) 2009 Apple Inc. All rights reserved.
.\" This file contains Original Code and/or Modifications of Original Code
.\" as defined in and that are subject to the Apple Public Source License
.\" Version 2.0 (the 'License'). You may not use this file except in
.\" compliance with the License. Please obtain a copy of the License at
.\" http://www.opensource.apple.com/apsl/ and read it before using this
.\" The Original Code and all software distributed under the License are
.\" distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
.\" EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
.\" INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
.\" FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
.\" Please see the License for the specific language governing rights and
.\" limitations under the License.
.Dd February 7, 2009
.Dt pam_opendirectory 8
.Nd OpenDirectory PAM module
.Op Ar service-name
.Op Ar options
The OpenDirectory PAM module supports the authentication, account management and password management function classes. In terms of the
parameter, these are
.Dq Li auth ,
.Dq Li account
.Dq Li password
.Ss The OpenDirectory Authentication Module
The OpenDirectory authentication module permits or denies users based on OpenDirectory password authentication.
The following option may be passed to this authentication module:
.It Cm nullok
Allow null passwords.
.Ss The OpenDirectory Account Management Module
The OpenDirectory account management module permits or denies users based whether the account is enabled in OpenDirectory.
The following option may be passed to this account management module:
.It Cm no_check_shell
Skip validating the user's shell.
.It Cm no_check_home
Skip validating the user's home directory.
.It Cm refresh Ns = Ns Ar min
Sets the mbr_check_membership(3) cache timeout to
minutes. When this option is used, the
value must be specified, and it must be an integer.
.Ss The OpenDirectory Password Management Module
The OpenDirectory password management module supports password changing and enforces the OpenDirectory password policy.
.Sh SEE ALSO
.Xr mbr_check_membership 3 ,
.Xr pam.conf 5 ,
.Xr pam 8 ,
.Xr pwpolicy 8 ,
.Xr DirectoryService 8