PADL have contributed a number of enhancements to Darwin, the core of Apple's Mac OS X operating system. Please note that this software is offered purely on an "as-is" basis, and PADL offers no support for it. The software is licensed under the Apple Public Source License (APSL) unless indicated otherwise. All software is available from Apple's Darwin CVS repository, with the exception of NetInfo for Linux, which is available from us.
Pluggable Authentication Modules (PAM)
Pluggable Authentication Modules, or PAM, provide a mechanism-agnostic interface to operating system sign-on. The PAM API is defined in OSF DCE RFC 86.0.We ported the widely available Linux-PAM to Darwin, and developed several modules to interface PAM with Apple's incumbent authentication technologies, including Directory Services, Keychain, NetInfo, and Security Services. Note that we have tried to stay as close to the current FreeBSD sources of PAM due to Darwin's BSD heritage.
pam_wrappers: Objective-C wrapper around PAM framework required by above bridge
system_cmds: various tools that perform authentication have PAM support in the lukeh-PAM branch
network_cmds: various tools that perform authentication have PAM support in the lukeh-PAM branch
PADL contributed the X.500 naming code to NetInfo, as well as integrating Kerberos authentication (using the RPCSEC_GSS implementation from the University of Michigan). The Kerberos integration code was originally developed by Xedoc Software Development.
The binddnsdomain tool associates the current DNS domain (or, confusingly, an arbitrary distinguished name) with a NetInfo tag on the local machine. This is only useful if you are running the LDAP/NetInfo bridge.
PADL contributed an updated version of LDAPAgent, with support for LDAPv3, Active Directory, and RFC2307bis, to the lukeh-OpenLDAP branch of lookupd. A binary of this is available from here. This will not work OS X 10.2: LDAPAgent has been removed from the current Darwin sources and customers should use Apple's Directory Services, or the lightweight LLAgent for local directory access.
PADL wrote the initial implementation of LDAPAgent that shipped in Mac OS X Server 1.0 and Mac OS X 10.1 and below, as well as the LDAP/NetInfo bridge. More information on advanced configuration of the LDAP/NetInfo bridge is available here.