[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#613214: use libpam-krb5 for uidNumbers greater than 10000 only (as opposed to the default > 1000)

[Mike Gabriel]
> For integration of Kerberos5 libpam-krb5 needs to be tweaked in a
> way that it will only apply krb5 pam rules to uidNumbers greater
> than 10000 (presuming that LDAP users on the Tjener start with
> 10000).

Why?  UIDs >= 1000 are supposed to be in LDAP, while the range from
500 to 1000 are supposed to be local users.  So for me, the current
default in libpapm-krb5 seem correct.

Btw, it might be an alternative to use sssd instead of libpam-krb5.

Vennlig hilsen,
Petter Reinholdtsen

Reply to: