Date: Sat, 29 Nov 2003 14:20:19 +0100 From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) To: richardcoleman@mindspring.com Cc: freebsd-current@freebsd.org Subject: Re: NSS and PAM Message-ID: <xzpbrqvfh0s.fsf@dwp.des.no> In-Reply-To: <3FC82FB7.3070800@mindspring.com> (Richard Coleman's message of "Sat, 29 Nov 2003 00:33:43 -0500") References: <20031129011334.GC88553@madman.celabo.org> <xzpbrqw7xsb.fsf@dwp.des.no> <3FC82FB7.3070800@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Richard Coleman <richardcoleman@mindspring.com> writes: > Replacing passwd/group/NSS/PAM/whatever with a real database or > directory backend is a kind of holy grail for Unix that's been > discussed for many years. You're mixing apples and oranges here. NSS and PAM are not backends in themselves; they are frameworks that allow the admin to select and combine directory and authentication backends and policies. You can't get by without them, because you will never find a single solution that can replace the entire installed base of LDAP, Radius, TAC+, Kerberos etc., and you can't enforce policy from the backend. DES --=20 Dag-Erling Sm=F8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpbrqvfh0s.fsf>