Howard Chu wrote:
> Jean-Francois Malouin wrote:
>> * Howard Chu <hyc(a)symas.com> [20181216 08:57]:
>>> Ryan Tandy wrote:
>>>> On Fri, Dec 14, 2018 at 03:24:17PM -0500, Jean-Francois Malouin wrote:
>>>>> I'm using libnss-ldap along with pam-ldap on Ubuntu and Debian
>>>> I have not tried this myself, but recent versions of nss-pam-ldapd
appear to include a 'chsh.ldap' command in the nslcd-utils package. However it
>>>> that would require you to be using libnss-ldapd and libpam-ldapd with
nslcd, rather than the old libnss-ldap and libpam-ldap.
>>> Would be best to be running those anyway, since the old stuff was deprecated
>> Well, I hard-locked all the systems I tried to install libnss-ldapd along with
>> nslcd: no ssh sessions, no console logins, nada. Once more, a PAM-related
>> issue I guess.
>> Also, it seems that all the info I find out there about how to configure those
>> are either obsolete, very old and in some cases, 'not even wrong' :)
>> As for being 'deprecated', https://wiki.debian.org/LDAP/NSS
>> "In general libnss-ldapd is simpler but newer and libnss-ldap is more
>> but more complex...".
> The author of nss_ldap and pam_ldap officially abandoned those packages ~9 years
> for those packages was redirected from the authors at PADL.com
2007 or so,
At least by April 2007
> and we (Symas) have promoted nss-pam-ldapd and OpenLDAP nssov since 2010.
> nss-ldap is not mature, it is dead.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/