From: Mel
To: freebsd-questions@freebsd.org
Cc: Tim Judd, members@mlug.missouri.edu, sgmayo@mail.bloomfield.k12.mo.us
Date: Fri, 11 Jul 2008 15:01:50 +0200
Subject: Re: Ldap NSS PAM Samba

On Friday 11 July 2008 02:03:04 Tim Judd wrote:

> I can't quote easily what the difference
> between NSS and PAM is

PAM is a module that abstracts authentication, it does not authenticate
itself, yet asks "providers" if the information passed to it is correct and
then relays this to the application or tries a different method if this is
allowed.
NSS is an abstraction of cryptographic protocols, applied to a network.
In this schema, it is a transport provider:

   ------- Application -------     ----- Network -----
  /                           \   /                   \
+---------------+       +-----+       +-----+       +---------------+
+ User/password | <---> | PAM | <---> | NSS | <---> | LDAP database +
+---------------+       +-----+       +-----+       +---------------+
  \                          /
   \______Authentication______/

-- 
Mel

Problem with today's modular software: they start with the modules
and never get to the software part.