[Mike Gabriel] > For integration of Kerberos5 libpam-krb5 needs to be tweaked in a > way that it will only apply krb5 pam rules to uidNumbers greater > than 10000 (presuming that LDAP users on the Tjener start with > 10000).
Why? UIDs >= 1000 are supposed to be in LDAP, while the range from 500 to 1000 are supposed to be local users. So for me, the current default in libpapm-krb5 seem correct. Btw, it might be an alternative to use sssd instead of libpam-krb5. Vennlig hilsen, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
