Re: Feature request (pam/nss ldap, nsswitch ldap integration)
From: Joerg Sonnenberger (joerg_at_britannica.bec.de)
Date: 10/30/04
- Previous message: Joerg Sonnenberger: "Re: Feature request (pam/nss ldap, nsswitch ldap integration)"
- In reply to: *** Davies: "Re: Feature request (pam/nss ldap, nsswitch ldap integration)"
- Next in thread: *** Davies: "Re: Feature request (pam/nss ldap, nsswitch ldap integration)"
- Reply: *** Davies: "Re: Feature request (pam/nss ldap, nsswitch ldap integration)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 30 Oct 2004 13:43:01 +0200 To: FreeBSD Hackers <freebsd-hackers@freebsd.org>
On Sat, Oct 30, 2004 at 12:20:58PM +0100, *** Davies wrote:
> Trouble is openldap is one of those things everyone wants to configure
> themselves - do you enable SASL support or not, what backends do you use
> etc?
IIRC SASL is pretty mandatory to correctly implement LDAP v3. Bigger
question is GSSAPI (Kerberos 5!) and the backend.
[..]
> And it raises other questions, for example how do you handle mergemaster
> when half your accounts are in LDAP and not the system databases?
You should _not_ put system accounts into LDAP, that's that just wrong.
So having them in the local database (whatever type that is) should work
fine with mergemaster.
Joerg
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
- Previous message: Joerg Sonnenberger: "Re: Feature request (pam/nss ldap, nsswitch ldap integration)"
- In reply to: *** Davies: "Re: Feature request (pam/nss ldap, nsswitch ldap integration)"
- Next in thread: *** Davies: "Re: Feature request (pam/nss ldap, nsswitch ldap integration)"
- Reply: *** Davies: "Re: Feature request (pam/nss ldap, nsswitch ldap integration)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
