* Howard Chu <[email protected]> [20181216 08:57]: > Ryan Tandy wrote: > > On Fri, Dec 14, 2018 at 03:24:17PM -0500, Jean-Francois Malouin wrote: > >> I'm using libnss-ldap along with pam-ldap on Ubuntu and Debian clients. > > > > I have not tried this myself, but recent versions of nss-pam-ldapd appear > > to include a 'chsh.ldap' command in the nslcd-utils package. However it > > looks like > > that would require you to be using libnss-ldapd and libpam-ldapd with > > nslcd, rather than the old libnss-ldap and libpam-ldap. > > Would be best to be running those anyway, since the old stuff was deprecated > long ago.
Well, I hard-locked all the systems I tried to install libnss-ldapd along with nslcd: no ssh sessions, no console logins, nada. Once more, a PAM-related issue I guess. Also, it seems that all the info I find out there about how to configure those are either obsolete, very old and in some cases, 'not even wrong' :) As for being 'deprecated', https://wiki.debian.org/LDAP/NSS claims that: "In general libnss-ldapd is simpler but newer and libnss-ldap is more mature but more complex...". Regards, jf > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/
