From owner-freebsd-current@FreeBSD.ORG Thu Nov 18 17:18:12 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D65EF16A4D6 for ; Thu, 18 Nov 2004 17:18:10 +0000 (GMT) Received: from lara.cc.fer.hr (lara.cc.fer.hr [161.53.72.113]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2FEE243D53 for ; Thu, 18 Nov 2004 17:18:10 +0000 (GMT) (envelope-from ivoras@fer.hr) Received: from [127.0.0.1] (localhost.cc.fer.hr [127.0.0.1]) by lara.cc.fer.hr (8.13.1/8.13.1) with ESMTP id iAIHHlf1041395; Thu, 18 Nov 2004 18:17:47 +0100 (CET) (envelope-from ivoras@fer.hr) Message-ID: <419CD93B.8010906@fer.hr> Date: Thu, 18 Nov 2004 18:17:47 +0100 From: Ivan Voras User-Agent: Mozilla Thunderbird 0.9 (X11/20041111) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Dan Nelson References: <419CD314.80900@fer.hr> <20041118171012.GB19265@dan.emsphone.com> In-Reply-To: <20041118171012.GB19265@dan.emsphone.com> X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-2; format=flowed Content-Transfer-Encoding: 7bit cc: current@freebsd.org Subject: Re: Replacing passwd? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Nov 2004 17:18:12 -0000 Dan Nelson wrote: > In the last episode (Nov 18), Ivan Voras said: > passwd just uses PAM to set passwords, so the cleanest way would be to I see in the source that it calls some pam_* functions (I'm not an expert...), so it should probably be documented in the man page. > have a pam_smb module that does the password changes, and add it to > /etc/pam.d/passwd , or maybe tell have pam_ldap do it. The LDAP user entry contains both password used for unix (userPassword) and NT passwords (sambaNTPassword, sambaLMPassword) - can PAM modules be "stacked" to update all those fields? (if so, how? :) ) I still feel that installing pam_smb would not be a good idea since I'm authenticating on the FreeBSD machine just fine using only pam_ldap.