igluksic

Registered
Sep 26, 2008
1
0
51
Hello,

Is there a possibility of implementing an authorisation over an existing LDAP based data storage.

I guess there is no big deal with emails, but is there a way of doing this to cPanel services (ports 2083 and less importantly 2087) without them crashing.

OFC not to mention that copying records from LDAP to any locally stored format is not an option. ;)

I.
 

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,608
77
308
cPanel Access Level
Root Administrator
Hello,

Is there a possibility of implementing an authorisation over an existing LDAP based data storage.

I guess there is no big deal with emails, but is there a way of doing this to cPanel services (ports 2083 and less importantly 2087) without them crashing.

OFC not to mention that copying records from LDAP to any locally stored format is not an option. ;)

I.
There is no support for this in our product.
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,216
12
313
Houston, TX
cPanel Access Level
Root Administrator
I know some customers have looked into implementing custom LDAP solutions based off the fact cPanel/WHM users are just standard Unix users. However, I am currently unaware of anyone who has successfully created a custom (unsupported) LDAP-based solution for cPanel/WHM logins.
 

FrankLaszlo

Active Member
Dec 19, 2008
35
0
56
Dragging this topic back up, as its come to my attention this could be very useful in our situation.

Why does cPanel/WHM not use PAM for authentication? This would facilitate the use of LDAP. It seems like its just reading users from /etc/passwd, which makes it very unfriendly to modification.
 

FrankLaszlo

Active Member
Dec 19, 2008
35
0
56
Dragging this topic back up, as its come to my attention this could be very useful in our situation.

Why does cPanel/WHM not use PAM for authentication? This would facilitate the use of LDAP. It seems like its just reading users from /etc/passwd, which makes it very unfriendly to modification.
I think I found the code that handles authentication. I believe its "/usr/local/cpanel/Cpanel/PwCache.pm" that handles it. (please let me know if I am off base)

So my new question is, should I decide to modify this to suit my needs, how often does it get changed? If I set the immutable flag on it, can you foresee any potential issues I might encounter?

Assuming I get it working properly, do you have a department to submit patches to? I would very much like to see this implemented upstream so I would no longer have to keep track of it.