[EMAIL PROTECTED] writes: > Yup, it's at http://www.umich.edu/~dirsvcs/ldap/doc/guides/slapd/
Thanks. I don't know how I overlooked that. I noticed in the README for libpam-ldap that you need to use some secure socket mechanism if you really want an ldap setup to be secure. Is there a doc somewhere that explains the best way to set that up? The README mentions several alternatives (CRAM-MD5 and SSL/TLS), but I don't know enough to know which would be preferable or how to set them up. Also, I'm wondering if it would be useful (if it hasn't been done already) to generate chsh and chfn replacements (like the passwd one) to handle changing the attributes in the ldap server rather than locally when the user's info is in ldap. I suppose this would require augmentation of the pam-apps package... Is there any overriding plan to integrate all this stuff? What would be nearly ideal is if there were a config file somewhere where you could just tell the system that all user accounts should be handled by ldap and have all the appropriate tools do the right thing. This looks like the direction things are going with libpam-ldap, but I didn't know if that was the final goal. Thanks -- Rob Browning <[EMAIL PROTECTED]> PGP=E80E0D04F521A094 532B97F5D64E3930
