On Sat, Aug 28, 2010 at 11:08 AM, Boyd Stephen Smith Jr. <[email protected]> wrote: > >>(2) Or we need to change to use Kerberos instead of LDAP/PAM? > > I believe you can do "just" your NFS authentication with Kerberos and continue > using LDAP/PAM for most authentication; I have not tried that though. Yes and no. Technically, you can continue using pam_ldap module. But that means your users will have two passwords - one in LDAP and one in Kerberos, which is no a good idea. You can just replace pam_ldap module with pam_krb5 module in your pam stack and users should not feel the difference really (Plus you'll get bonuses like single-sign-on (SSO) for various network services like SSH).
-- Zaar -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
