On Tue, Jul 03, 2007 at 04:13:42PM +0100, Mikolaj Kucharski wrote: > Does login_ldap takes only passwords from ldap, or something more? Does > it need to be a user entry in /etc/passwd to login_ldap work or is it > possible to have default (without production usernames) /etc/passwd and > have rest of userbase in ldap?
Use the list. That's what it's for. With login_ldap, you do need to have users also defined in the bsd passwd database. You also need to define a shell and a home directory. You do not have to assign a password. If you do assign a password, it will be overridden by the ldap server password. It's not a great solution (having to provision bsd accounts too), but it's better than maintaining 437 passwords on 342 servers. -ME
