Subject: Re: kerberos in 1.5_ALPHA
To: None <>
From: Bill Sommerfeld <>
List: current-users
Date: 07/17/2000 08:46:55
> So, shouldn't use of Kerberos for password changing depend on presence
> of DNS in the nsswitch.conf entry for password?  

No.  the "passwd" line in nsswitch.conf concerns /etc/passwd file
lookups (a.k.a "gethostbyname()"), and the "dns" source for password
lookups is hesiod (a thin veneer over DNS), not kerberos.

Kerberos does not manage passwd file entries; it just does user

Control of the use of kerberos for user authentication should be done
by something which fits in the same niche as PAM or the BSDI
authentication extensions.

					- Bill