Date:      Sat, 30 Oct 2004 13:43:01 +0200
From:      Joerg Sonnenberger <joerg@britannica.bec.de>
To:        FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject:   Re: Feature request (pam/nss ldap, nsswitch ldap integration)
Message-ID:  <20041030114301.GB960@britannica.bec.de>
In-Reply-To: <20041030112057.GD7262@bingo.tenfour>
References:  <20041030024557.53081.qmail@web51805.mail.yahoo.com> <20041030112057.GD7262@bingo.tenfour>

On Sat, Oct 30, 2004 at 12:20:58PM +0100, Dick Davies wrote:
> Trouble is openldap is one of those things everyone wants to configure
> themselves - do you enable SASL support or not, what backends do you use
> etc?

IIRC SASL is pretty mandatory to correctly implement LDAP v3. Bigger
question is GSSAPI (Kerberos 5!) and the backend.

[..]
> And it raises other questions, for example how do you handle mergemaster
> when half your accounts are in LDAP and not the system databases?

You should _not_ put system accounts into LDAP, that's just wrong.
So having them in the local database (whatever type that is) should work
fine with mergemaster.

Joerg


