David Walser <luigiwalser@...> writes: > Thierry Vignaud <thierry.vignaud@...> writes: > > good luck with nslcd (if you use TLS you'll have to tell SELinux about it), > > Even if you don't use SELinux? > > > I advise you sssd, it just work directly, one single config file to write > > for > > both PAM & NSS... > > Is that not the case for nss-pam-ldapd? I haven't investigated them yet. > > I did find out that there's some security bugs in sssd though (fixed > upstream): > https://bugs.mageia.org/show_bug.cgi?id=9027
Incidentally there's a security bug in nss-pam-ldapd too: https://bugs.mageia.org/show_bug.cgi?id=9113 I'm not sure which of the three patches (two linked by upstream advisory, one used by Debian in their update) is the right one to fix it.