On Wed, Mar 07, 2018 at 11:08:05PM +0100, Sven Hartge wrote: > > This is why you use libpam-ldapd (instead of libpam-ldap) in combination > with libnss-ldapd (instead of libnss-ldap). > > Its design with a separate daemon (nslcd) doing the actual LDAP > connection is far superior compared to the original lib*-ldap code. > > It also means that libldap itself is only mapped into the central > server process and not into every process on the system. > Personally, I found sssd (along with libpam-sss and libnss-sss) to be much better behaved.
Regards, -Roberto -- Roberto C. Sánchez