pam_opendirectory(8) BSD System Manager's Manual pam_opendirectory(8)NAMEpam_opendirectory — OpenDirectory PAM module
SYNOPSIS
[service-name] function-class control-flag pam_opendirectory [options]
DESCRIPTION
The OpenDirectory PAM module supports the authentication, account manage‐
ment and password management function classes. In terms of the
function-class parameter, these are “auth”, “account” and “password”
respectively.
The OpenDirectory Authentication Module
The OpenDirectory authentication module permits or denies users based on
OpenDirectory password authentication.
The following option may be passed to this authentication module:
nullok Allow null passwords.
The OpenDirectory Account Management Module
The OpenDirectory account management module permits or denies users based
whether the account is enabled in OpenDirectory.
The following option may be passed to this account management module:
no_check_shell
Skip validating the user's shell.
no_check_home
Skip validating the user's home directory.
refresh=min
Sets the mbr_check_membership(3) cache timeout to min min‐
utes. When this option is used, the min value must be speci‐
fied, and it must be an integer.
The OpenDirectory Password Management Module
The OpenDirectory password management module supports password changing
and enforces the OpenDirectory password policy.
SEE ALSOmbr_check_membership(3), pam.conf(5), pam(8), pwpolicy(8),
DirectoryService(8)BSD February 7, 2009 BSD