|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Orion Poplawski (orion
cora.nwra.com)
Date: Mon Feb 23 2009 - 16:13:11 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Gary Greene <greeneg <at> tolharadys.net> writes:
>
> Problem is, far as I know, without using nss_cache, or something like it
> (libnss-db and friends, etc), you cannot cache credentials in a truly offline
> environment like notebooks run into for LDAP credentials using nscd. This
> coupled with nscd's track-record or silent failures that cannot be fixed
> reliably make the use of synchronized cached accounts a holy grail.
I agree completely. Would not trust offline auth to nscd. Haven't looked at
nss_cache/libnss-db.
I would like to be able to seed by off-line shadow account password from the
LDAP server, hence the other question about supporting SSHA in /etc/shadow.
Anything preventing this other than lack of code?
- Orion
_______________________________________________
Pam-list mailing list
Pam-listredhat.com
https://www.redhat.com/mailman/listinfo/pam-list
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]