I would like to synchronize users’ local accounts’ passwords with their network accounts. My thought is to do this immediately following a successful authentication using Kerberos. Right now I am using pam_krb5 to authenticate with a fallback to pam_unix. I would like to place something in the flow of execution after a successful Kerberos authentication that would use the provided password to update the local account, then bypass authenticating against pam_unix, but I can’t find anything that does this. I have already configured PAM to update local passwords with remote passwords when done using passwd, but very few if any of my users will use passwd to change their network account password. Any thoughts?
Description: S/MIME cryptographic signature