NSS and PAM
des at des.no
Sat Nov 29 05:20:29 PST 2003
Richard Coleman <richardcoleman at mindspring.com> writes:
> Replacing passwd/group/NSS/PAM/whatever with a real database or
> directory backend is a kind of holy grail for Unix that's been
> discussed for many years.
You're mixing apples and oranges here. NSS and PAM are not backends
in themselves; they are frameworks that allow the admin to select and
combine directory and authentication backends and policies. You can't
get by without them, because you will never find a single solution
that can replace the entire installed base of LDAP, Radius, TAC+,
Kerberos etc., and you can't enforce policy from the backend.
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-current