Comment 9 for bug 82853

I would note that the original rationale for this bug report, password synchronization between pam and samba passwords, is incorrect. There are other, more general means of keeping passwords synchronized between Unix, LDAP, Samba, etc. databases using PAM itself which don't require any overlays on the LDAP side. This wouldn't meet the needs of arbitrary LDAP clients effecting password changes, but it would serve the needs of any system-level password changes (i.e., where the password change is done via PAM by a service such as ssh, login, passwd, etc.).

So there are certainly cases where this overlay would be useful to people, but I don't think it should be central to an SSO solution in main.