Hacker News new | past | comments | ask | show | jobs | submit login

You realize that you didn't need to wait for PAM? That you could read NSS `shadow' table from LDAP in the same way as `passwd' is?



On all the Linux distributions I've used in the last 15 years, NSS has never been responsible for authentication, though. It's only been responsible for resolution actions like getpw* and getgr* (i.e. uid/gid to name), whereas PAM has been responsible for authentication and auditing. You have to configure both to support LDAP, not just one.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: