All, I've been looking longingly at the PAM pass-through module as it would give us access to capabilities we've wanted for a while. I've looked at the README, but I still have a few questions. 1. Is it possible to specify PAM as the authentication on a per-account basis? 2. Is it possible to specify authentication escalation on failure on a per account basis? 3. Has anyone deployed it in a production environment? If so, what type(s) of PAM auth did you use? Also, if anyone has any successful examples of using two-factor authentication tokens (specifically either SecureID or CryptoCard, but also others), I would love to hear about them. It seems that none of the vendors providing token-based support LDAP as a primary user info repository directly, which is odd, to say the least. I'd like to add that compared to OpenLDAP, Fedora DS is a breath of fresh air. Thanks for making it available. Chris. -- Chris Maresca Olliance Group, LLC www.olliancegroup.com
