Subject: Re: kerberos in 1.5_ALPHA
To: None <firstname.lastname@example.org>
From: Bill Sommerfeld <email@example.com>
Date: 07/17/2000 08:46:55
> So, shouldn't use of Kerberos for password changing depend on presence
> of DNS in the nsswitch.conf entry for password?
No. the "passwd" line in nsswitch.conf concerns /etc/passwd file
lookups (a.k.a "gethostbyname()"), and the "dns" source for password
lookups is hesiod (a thin veneer over DNS), not kerberos.
Kerberos does not manage passwd file entries; it just does user
Control of the use of kerberos for user authentication should be done
by something which fits in the same niche as PAM or the BSDI