| RSS |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
Citando Jason Gerfen <jason.gerfen@xxxxxxxxxxxx>:
I modified the original pam_krb5 module to do something similar to this, here is a brief list of features: - Performs standard KRB TGT process - If valid TGT received from KDC check for local account - If no local account already present it performs a AD/LDAP query (no authentication against LDAP) - Then creates a passwordless local account for the user as well as home directory
Interesting. I'll take a look at the account creation portion of it.
A lot of people do the opposite by modifications to the PAM stack to use the nss_ldap to enumerate accounts.
This is not possible with RADIUS, since it can't enumerate users - only authenticate them. _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
[Home] [Kernel List] [Red Hat Install] [Linux for the blind] [Red Hat Watch List] [Gimp] [Kerberos: The Definitive Guide]
|
|