On Thu, Mar 22, 2012 at 11:01 AM, Tiago Elvas <tiagoel...@gmail.com> wrote: > > Can I make pam to work so that I don't need to create a unix account for > each new kerberos user?
You don't mention which platform you're on, so I'm guessing Linux... Kerberos provides authentication, but not identity information. PAM is a framework for handling authentication, whereas NSS is the framework for handling identification on Linux. Your best option for a centralized identity solution is probably LDAP. You'll want to look at something like nss_ldap, nss-pam-ldapd, or sssd. pam_mkhomedir is really just the equivalent of running "mkdir $HOME" when a user first logs in; it doesn't actually set $HOME to begin with. - Ken ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
