> on OpenBSD, for things like samba servers or user logins to the > machine, the account must be created locally as well as in the LDAP > database. at least this is the current state of affairs. > >
trivia: This contrasts to e.g. the linux/solaris situation where a nss (Name Service Switch) module is used to also get account details from ldap (a pam ldap module is used for auth) - confusion usually arises because both the nss and pam modules tend to be bundled together. A similar situation can arise on linux if you reconfigure pam for ldap without reconfiguring nss.
