[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: unified login (unix + windows)



>> How do the pam_ldap and nss_ldap check the password.  Do they request
>> a copy of the password, or attempt a login into LDAP?

pam_ldap attempts an LDAP BindRequest. nss_ldap attempts to
retrieve the userPassword attribute of the user.

>From browsing the source a few days ago, I noted that pam_ldap requires
>the rootdn and password. 

Incorrect, this is optional. pam_ldap just needs to be able to figure 
out the DN of a user.


-- Luke

--
Luke Howard | Darwin Developer | PADL Software Pty Ltd
www.padl.com | lukeh@darwin.apple.com | lukeh@padl.com