Doesn't this ask for fully integrating SHA-2 password support
Clearly you haven't thought this through.
No, because that doesn't solve the problem of how to use other contrib passwd
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/