I have been scouring the net for quite a while now trying to find good tutorials (specifically tutorials) on writting PAM modules. I have found tons of good examples, and lessons of how and what a PAM module does.

I have found one tutorial on writting a PAM module which doesn't go into detail of using system resources, drawing from libraries etc.

The client setup is a SuSE 9.0 default installation with all patches etc.

The environment is Windows, Kerberos & Active directory. I know what needs to be done but what I need to know is if a PAM module has to be written in C++ or C, vs. something like Perl or a sh/bash script.

Without having a local user setup but having an entry in AD & Kerberos I recieve and error that the kerberos authentication fails due to no UID/GID which is present in LDAP but not Kerberos. Example:

Kerberos sees username and password -> OK
LDAP sees username and looks for UID,GID,Home Dir., & Shell -> No UID/GID

Everytime Kerberos looks at the local /etc/passwd & /etc/shadow files for authentication informaiton and if there is not an entry it will not authenticate.

What I need is a way to point the pam_krb.c file to something other than the local accounts (that is without using the *K* in the /etc/shadow file trick).

Any help, resources, examples, tutorials, sanity & code examples are appreciated.