On Thu, May 12, 2005 at 07:05:29PM +0200, Christian Perrier wrote: > The bug submitter here sugegsts: > > ------------------------------ > I think it would be very cool if the useradd, userdel, and related > commands (adduser would probably have to be modified, but then, maybe > not) simply used plug-ins for various name services (as glibc calls > them; a.k.a., password databases) that can be used instead of the > traditional Unix flat-file mechanism, such as LDAP, NIS(+), Kerberos, and > the like. (though I'm asking for LDAP, because it owns the others ;) > ------------------------------ > > I'm not really sure that interacting with other name services is > really the job of a low level utility such as useradd. > > In my opinion, adding accounts in all these systems is the job of > their respective utilities (think about systems using winbind to > authenticate users in Windows domains...do we *really* want useradd to > be able to add Windows domain accounts ? How will it provide all the > extra information these systems may require) > > In my opinion, such change is a real dream...and probably not likely.
Wait a minute. Isn't the submitter asking (in 2000) for PAM to come true? If you use pam_ldap.so instead of pam_unix.so in /etc/pam.d/passwd, the flat unix files won't get modified, but the ldap tree will, won't it? Bye, Mt.
signature.asc
Description: Digital signature