Bug#61210: [Pkg-shadow-devel] Bug#61210: Is really adding users to LDAP, Kerberos, NIS the job of useradd?

Thu, 12 May 2005 20:15:48 +0200

--MW5yreqqjyrRcusr
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, May 12, 2005 at 07:05:29PM +0200, Christian Perrier wrote:
> The bug submitter here sugegsts:
>=20
> ------------------------------
> I think it would be very cool if the useradd, userdel, and related
> commands (adduser would probably have to be modified, but then, maybe
> not) simply used plug-ins for various name services (as glibc calls
> them; a.k.a., password databases) that can be used instead of the
> traditional Unix flat-file mechanism, such as LDAP, NIS(+), Kerberos, and
> the like. (though I'm asking for LDAP, because it owns the others ;)
> ------------------------------
>=20
> I'm not really sure that interacting with other name services is
> really the job of a low level utility such as useradd.
>=20
> In my opinion, adding accounts in all these systems is the job of
> their respective utilities (think about systems using winbind to
> authenticate users in Windows domains...do we *really* want useradd to
> be able to add Windows domain accounts=A0? How will it provide all the
> extra information these systems may require)
>=20
> In my opinion, such change is a real dream...and probably not likely.

Wait a minute. Isn't the submitter asking (in 2000) for PAM to come true?=
=20
If you use pam_ldap.so instead of pam_unix.so in /etc/pam.d/passwd, the flat
unix files won't get modified, but the ldap tree will, won't it?

Bye, Mt.

--MW5yreqqjyrRcusr
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCg51UIiC/MeFF8zQRArtdAJ4ybGanuUyGP8hKg6BGgTTpqewiTQCfSeQ4
hbKVuE8PqqfcoBfhZ/eOO18=
=h4q9
-----END PGP SIGNATURE-----

--MW5yreqqjyrRcusr--