Hi On Fri, Mar 30, 2001 at 10:15:24AM +1000, Russell Coker wrote: > On Friday 30 March 2001 08:55, Russell Coker wrote: > > Good point. The problem is that the NSS interface doesn't allow for such > > things so you would have to use pam_ldap for all authentication (no big > > deal just a minor PITA to change all the /etc/pam.d files and keep them > > maintained). Then what we need is an option for pam-ldap to specify which > > filter should be used. I think using pam_ldap in favor the NSS interface isn't a big problem.
> The down-side to this is that you need a separate config file for each > service that is to be independantly controlled. However it shouldn't be to > difficult to create these with M4 macros. Well, at least that's an solution. However I don't like it too much, to have a whole bunch of config files lying around. If I find the time (imagine the if written in real big letters), I will try to implement this in pam_ldap, where it belongs (IMHO). Anyway, thanks for this solution, I will incorporate this in my existing configuration as well MfG/Regards, Alexander -- Alexander Reelsen http://joker.rhwd.de [EMAIL PROTECTED] GnuPG: pub 1024D/F0D7313C sub 2048g/6AA2EDDB [EMAIL PROTECTED] 7D44 F4E3 1993 FDDF 552E 7C88 EE9C CBD1 F0D7 313C Securing Debian: http://joker.rhwd.de/doc/Securing-Debian-HOWTO
