Re: On PAM and authentication
> I recently tried out LDAP on my machine for authentication. I used tools
> available at http://www.rage.net/ldap/, and I'm pleased to say it works.
> By using the NSS module, it works with all existing tools, including XDM,
> etc., that I have tried, except for tin (my version is libc5 though),
> and passwd, gpasswd, etc (for users authenticated via LDAP).
This is good news. I spent some time hacking at LDAP and wasn't as
successful. I was interested in using it for e-mail directories.
I didn't think it was hard to setup once I figured out what had to be
done. It was the browsing tools that seems to be hokey.
> Presumably this implies that if we use PAM for authentication, AND have a
> /lib/libnss_pam.so.1 library, not many mods will NEED to be done (although
> for full PAM support mods will be necessary, AFAICT).
> However, it would be very useful if the libc5 (and libc4????!!) functions could
> somehow be patched through to the NSS stuff (perhaps via IPC and a daemon?)
> Some things like rvplayer and older netscapes are very definitely libc5-only.
> In summary: I have a feeling PAM and LDAP will work great (although LDAP was
> a bit difficult to set up).
> Tom Lees <email@example.com> <firstname.lastname@example.org> http://www.lpsg.demon.co.uk/
> PGP Key: finger email@example.com, http://www.lpsg.demon.co.uk/pgpkeys.asc.
> To UNSUBSCRIBE, email to firstname.lastname@example.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com