[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How exactly does PAM figure into things? Was: Alternatives to LDAP



> > Actually, OS X login uses PAM (in 10.2).
>
>Yea! This is great news. (I don't have my hands on 10.2 yet.)

Right, it hasn't been released, but the PAM code is in Darwin so I can
talk about it. Without getting too off-topic here, there is pretty much a
single PAM module (pam_securityserver) which talks to the SecurityServer
daemon. That then talks to the DirectoryServices daemon, which finally
does the authentication against LDAP or NetInfo (or whatever). I believe
the first two communications occur over Mach IPC.

-- Luke

--
Luke Howard | lukehoward.com
PADL Software | www.padl.com