On Mon, Jun 11, 2007 at 09:59:40AM +0200, Brian Schau wrote: > > You should use the (g)libc functions to determine group membership. You > > don't have to know if the user database is in sql, ldap, db, etc. > > Ok, so if I understand you correctly I can use PAM to authenticate the > user (f.ex. in LDAP) and then use the libc functions to verify the group > membership as if that information was present locally on the server? Yes, this second step would be in the account section. Note that you should be doing the authentication with a database specific module, like pam_ldap, pam_mysql, etc. Because for auth, these users won't be in local files either. _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
