Date: Tue, 1 Apr 2008 17:59:32 +0200 From: "Ivan Voras" <ivoras@freebsd.org> To: "Mike Meyer" <mwm@mired.org> Cc: freebsd-hackers@freebsd.org Subject: Re: Feature request Message-ID: <9bbcef730804010859m57518fcdmf243306f64f0ee80@mail.gmail.com> In-Reply-To: <20080401110759.040dc4a9@mbook-fbsd> References: <763154.59087.qm@web54302.mail.re2.yahoo.com> <20080331172552.313e8d49@bhuda.mired.org> <fstbkr$a2a$1@ger.gmane.org> <20080401110759.040dc4a9@mbook-fbsd>
next in thread | previous in thread | raw e-mail | index | archive | help
On 01/04/2008, Mike Meyer <mwm@mired.org> wrote: > On Tue, 01 Apr 2008 15:00:05 +0200 Ivan Voras <ivoras@freebsd.org> wrote: > > > > > > Why OpenLDAP? Why not one of the other ldap implementations available > > > in the ports? In particular, do any of them already have plugins for > > > use with pam? > > > > What are the other LDAP implementations in ports? Especially the ones > > that are actively maintained (which excludes tinyldap)? Any compliant > > LDAP server with proper schemas will "support" PAM. > > Why does it need to be actively maintained? After all, if we're going > to pull it into the base system, we'll have to find someone to > actively maintain the code in the base system. If no one is > maintaining the code externally, that in some ways makes their job > easier. Because history shows that even currently supported software (bind, sendmail, gcc) are hard to maintain :) It would take a person to pick up actively maintaining a software if its practically dead before even thinking of putting it in base. (Though those things could happen simultaneously - someone picking it up and putting it in base, the probability is very low). > And I didn't say "support", I said "already have plugins". Sure, > anything can be connected to PAM if you can get someone to write the > plugins. Or are you saying there's already an ldap plugin that uses > ldap schemas? Yes. I've been using pam_ldap and nss_ldap soon after they were available on FreeBSD (i.e. somewhere in the 5.x lifecycle). These support any LDAP server that has proper schemas (think of "LDAP schema" as a struct in C or a SQL table structure...).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9bbcef730804010859m57518fcdmf243306f64f0ee80>