[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: A possible way to have NT authentic against LDAP (RFI)
>I originally thought of wrapping the 'passwd' command on the UNIX side
>because a user password change would have to update two ldap databases,
>the windows (win2k) and the unix. Does ldap_pam allow updating 2
>different ldap servers? if so, great.
No, you could modify it to do so. Maybe SAMBA's pam_ntdom
allows you to update passwords? If so, you could stack
that. Or you could stack two pam_ldap modules iff you
modified pam_ldap to take some of its configuration from
pam.conf.
>The biggest advantage of this scheme is that only the PDC needs to be
>altered (and that's to add one DLL) and the UNIX and windoze ldap
>servers can keep their schemas as they please.
Netscape wrote such a notify DLL that works with their
LDAP server. I'm sure they would be happy to sell you
Directory Server for NT!
-- Luke
--
Luke Howard | Darwin Developer | PADL Software Pty Ltd
www.padl.com | lukeh@darwin.apple.com | lukeh@padl.com