* Howard Chu <[email protected]> [20181216 14:18]: > Howard Chu wrote: > > Jean-Francois Malouin wrote: > >> * Howard Chu <[email protected]> [20181216 08:57]: > >>> Ryan Tandy wrote: > >>>> On Fri, Dec 14, 2018 at 03:24:17PM -0500, Jean-Francois Malouin wrote: > >>>>> I'm using libnss-ldap along with pam-ldap on Ubuntu and Debian clients. > >>>> > >>>> I have not tried this myself, but recent versions of nss-pam-ldapd > >>>> appear to include a 'chsh.ldap' command in the nslcd-utils package. > >>>> However it looks like > >>>> that would require you to be using libnss-ldapd and libpam-ldapd with > >>>> nslcd, rather than the old libnss-ldap and libpam-ldap. > >>> > >>> Would be best to be running those anyway, since the old stuff was > >>> deprecated long ago. > >> > >> Well, I hard-locked all the systems I tried to install libnss-ldapd along > >> with > >> nslcd: no ssh sessions, no console logins, nada. Once more, a PAM-related > >> issue I guess. > >> Also, it seems that all the info I find out there about how to configure > >> those > >> are either obsolete, very old and in some cases, 'not even wrong' :) > >> > >> As for being 'deprecated', https://wiki.debian.org/LDAP/NSS claims that: > >> > >> "In general libnss-ldapd is simpler but newer and libnss-ldap is more > >> mature > >> but more complex...". > > > > The author of nss_ldap and pam_ldap officially abandoned those packages ~9 > > years ago. Support > > for those packages was redirected from the authors at PADL.com to Symas.com > > back in 2007 or so, > > At least by April 2007 > http://scratchpad.wikia.com/wiki/Ldap?diff=2174401&oldid=129692 > > > and we (Symas) have promoted nss-pam-ldapd and OpenLDAP nssov since 2010. > > > > nss-ldap is not mature, it is dead.
:) Thanks all for the very interesting remarks and feedback. jf > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/
