Gary Greene <greeneg <at> tolharadys.net> writes: > > Problem is, far as I know, without using nss_cache, or something like it > (libnss-db and friends, etc), you cannot cache credentials in a truly offline > environment like notebooks run into for LDAP credentials using nscd. This > coupled with nscd's track-record or silent failures that cannot be fixed > reliably make the use of synchronized cached accounts a holy grail. I agree completely. Would not trust offline auth to nscd. Haven't looked at nss_cache/libnss-db. I would like to be able to seed by off-line shadow account password from the LDAP server, hence the other question about supporting SSHA in /etc/shadow. Anything preventing this other than lack of code? - Orion _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
