so... Ryan, you don't recomend use ldap to store user passwords and keep about user authetication? which will you recomand?
When i'm talking about login script, i mean linux machines when they get autenticated server passes an script to be executed on client machine. ( mount some networks disk, path...etc ) On 1/5/07, Joachim Schipper <[EMAIL PROTECTED]> wrote: > > On Fri, Jan 05, 2007 at 08:56:24PM +0100, Maxim Bourmistrov wrote: > > On Friday 05 January 2007 20:05, Dave Ewart wrote: > > > On Friday, 05.01.2007 at 09:33 -0600, Ryan Corder wrote: > > > > > > > on Linux, I have done easily via nss_ldap, storing user and group > > > > accounts (the equivalent of /etc/passwd and /etc/groups) in LDAP > while > > > > keeping all actual authentication in Kerberos. It's fairly easy and > > > > very, very, very convenient to have this centralized system to do > AAA. > > > > > > I've been wondering about this too and haven't found any > documentation. > > > I use nss_ldap and pam_ldap to provide users, groups and > authentication > > > on my Debian boxes. > > > > > > Is there any way to do this under OpenBSD? > > > > check out login_ldap in ports. > > See Ryan's original post for why this does not suffice (it only > authenticates, but does not store other information - like the existence > of a user). > > To the best of my knowledge, no, there is not currently such a thing. It > would be easy enough to build a script to periodically sync > /etc/master.passwd and LDAP, but that's not quite the same... > > Joachim
