Subject: Re: OpenLDAP client
To: asker survey <asker_student@yahoo.com>
From: None <cube@cubidou.net>
List: netbsd-help
Date: 03/29/2004 15:41:28
On Mon, Mar 29, 2004 at 05:33:14AM -0800, asker survey wrote:
> Hello;
> 	Am a FreeBSD and OpenBSD user. I cannot use OpenLDAP
> client on FreeBSD 4.X to authenticate my shell users
> from a Linux server. I notticed NetBSD uses nsswitch
> like Linux. I want to know if I can use OpenLDAP
> client to athunticate shell users. If the answer is
> "Yes" is there any particulare thing that I must know.

The answer is no, but that's not all of it.

You're confusing the use of nsswitch and PAM.  PAM, in both
Linux and FreeBSD, is used to authenticate users, whereas
nsswitch is a way to identify elements and retrieve information
about them.

With PAM (or, some might say, BSDAuth), you check that someone
is really who she is pretending.  nsswitch is more like a
directory, where you retrieve a telephone number from a name.

NetBSD has no support for sources of authentification other
than traditional passwd, NIS and Kerberos.  There is work in
progress on both the identification and authentication fronts,
but don't expect anything new on that level in 2.0.  (Yes, it's
unfortunate.)

Quentin Garnier.