[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap, pam_ldap, accounts

To: Ben Collins <bcollins@debian.org>
Subject: Re: openldap, pam_ldap, accounts
From: David J N Begley <david@avarice.nepean.uws.edu.au>
Date: Sun, 5 Dec 1999 09:12:13 +1100 (EST)
Cc: "John P. Looney" <jplooney-ldap@online.ie>, OpenLDAP-general@OpenLDAP.org
In-reply-to: <19991204083743.A1182@lappy.djj.state.va.us>

On Sat, 4 Dec 1999, Ben Collins wrote:

> On Sat, Dec 04, 1999 at 12:31:05PM +1100, David J N Begley wrote:

> > If you are trying to move certain users entirely out of /etc/* files to
> > an LDAP directory (but still have them act/react like normal UNIX
> > users), then at the very least you will need both nss_ldap and pam_ldap.
> 
> Actually it depends on which PAM module you are using.
[...]
> For password changing you will need pam_ldap, so it can talk directly with
> the ldap server.

As I said, "but still have them act/react like normal UNIX users".

> The nss_ldap module will keep a "shadow-like" system by using a seperate
> file for binddn and bind password with correct perms (root.shadow 640).

Is this the suggested patch submitted recently for PADL's nss_ldap/pam_ldap,
or some Linux-specific hack?


dave

Follow-Ups:
- Re: openldap, pam_ldap, accounts
  - From: Ben Collins <bcollins@debian.org>

References:
- Re: openldap, pam_ldap, accounts
  - From: Ben Collins <bcollins@debian.org>

Prev by Date: Re: openldap, pam_ldap, accounts
Next by Date: Re: openldap, pam_ldap, accounts
Index(es):
- Chronological
- Thread