[Fedora-directory-users] support for non-localy stored passwords?
alex at milivojevic.org
alex at milivojevic.org
Wed Jun 29 20:48:57 UTC 2005
Quoting Pete Rowley <pete at openrowley.com>:
> It occurs to me that a simple pre-operation bind plugin plus pam would
> probably solve your problem. The plugin would alter the bind credentials so
> that the realm is added appropriateley - then it is simply a matter of
> setting up kerberos correctly for multiple domains and using the kerberos
> pam plugin.
>
> For that matter a simple pam auth plugin could do this too, though slightly
> less efficiently since it would need to query the DS to get the realm.
>
> Of course, this all requires code :)
Hmmm... Somehow I have a feeling that it would take less coding to add
support
for '{SASL}' stuff in FDS password verification code ;-)
(haven't seen the actual code, so just a wild guess)
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
More information about the Fedora-directory-users
mailing list