« back to all changes in this revision
Viewing changes to man/pam_ldap.8.xml
- Committer: Bazaar Package Importer
- Date: 2010-07-03 17:00:00 UTC
- Revision ID: james.westby@ubuntu.com-20100703170000-qjnaavp1wx04z4ew
* don't use use_authtok for password modification by default
* fine-tune pam-auth-update configuration after discussion with Steve
Langasek (see: #583492)
Note that this currently requires that shadow information is also provided
by LDAP (in /etc/nsswitch.conf).
* ensure that nslcd is started after hostname lookups are available so
getting to the LDAP server via DNS will work (patch by Petter
Reinholdtsen) (closes: #585968)
* start k5start from the init script to keep the Kerberos ticket active if
nslcd is configured for SASL GSSAPI Kerberos authentication, based on a
patch by Daniel Dehennin (closes: #585639)
* upgrade to standards-version 3.9.0 (switch to Breaks/Replaces instead of
Conflicts)
* refactoring and simplification of PAM module which also improves logging
* implement a nullok PAM option and disable empty passwords by default
* portability improvements and other minor code improvements
* the mechanism to disable name lookups through LDAP from within the nslcd
process has been improved
* the undocumented use_sasl option has been removed (specifying sasl_mech
now implies use_sasl)
* the sasl_mech, sasl_realm, sasl_authcid, sasl_authzid and sasl_secprops
configuration options are now documented
* fine-tune pam-auth-update configuration after discussion with Steve
Langasek (see: #583492)
Note that this currently requires that shadow information is also provided
by LDAP (in /etc/nsswitch.conf).
* ensure that nslcd is started after hostname lookups are available so
getting to the LDAP server via DNS will work (patch by Petter
Reinholdtsen) (closes: #585968)
* start k5start from the init script to keep the Kerberos ticket active if
nslcd is configured for SASL GSSAPI Kerberos authentication, based on a
patch by Daniel Dehennin (closes: #585639)
* upgrade to standards-version 3.9.0 (switch to Breaks/Replaces instead of
Conflicts)
* refactoring and simplification of PAM module which also improves logging
* implement a nullok PAM option and disable empty passwords by default
* portability improvements and other minor code improvements
* the mechanism to disable name lookups through LDAP from within the nslcd
process has been improved
* the undocumented use_sasl option has been removed (specifying sasl_mech
now implies use_sasl)
* the sasl_mech, sasl_realm, sasl_authcid, sasl_authzid and sasl_secprops
configuration options are now documented
- files added:
- compat/nss_compat.h
- files removed:
- nss/exports.linux
- files modified:
- AUTHORS
added
removed
man/pam_ldap.8.xml
