On Mon, 15 Jul 2013, Jan Bramkamp wrote:
On 15.07.2013 21:51, Daniel Eischen wrote:
Wouldn't it be easier just to edit /etc/nsswitch.conf
anyway?
PAM and NSS switch are two different subsystems. NSS is just for
resource lookups (users, groups, hosts, ...). PAM is for access control.
With ldap in nsswitch.conf for users and groups you can lookup a LDAP
user but the user can't log into $service through PAM. This requires
pam_ldap.so in pam.d/$service.
Minor correction. "This requires the ldap PAM library (pam_ldap.so)
to be installed." No pam.d entries seem to be needed. None seem
to be necessary on Solaris 10 either.
--
DE
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
