Firstly, we need to clarify where are we talking at,

In Linux System

User accounts are used by real users, service accounts are used by system services such as web servers, mail transport agents, databases etc. The kernel doesn’t care, besides UID 0.

Benefits of adopting Service accounts,

In K8s & Services

User accounts are for humans. Service accounts are for processes, which run in pods.


/etc/nsswitch.conf. NSS (which stands for Name Service Switch) is a system mechanism to configure different sources for common configuration databases. For example, /etc/passwd is a file type source for the passwd database.

/etc/pam.d, /etc/pam.conf. PAM (which stands for Pluggable Authentication Modules) is a mechanism used by Linux (and most *nixes) to extend its authentication schemes based on different plugins.

So to summarize, we need to configure NSS to use the OpenLDAP server as a source for the passwd, shadow and other configuration databases and then configure PAM to use these sources to authenticate its users.