From owner-freebsd-security Thu Nov 8 9: 5:26 2001 Delivered-To: freebsd-security@freebsd.org Received: from relay2.agava.net.ru (ofc.agava.net [213.59.3.194]) by hub.freebsd.org (Postfix) with ESMTP id A089E37B41E for ; Thu, 8 Nov 2001 09:05:22 -0800 (PST) Received: from hellbell.domain (hellbell.domain [192.168.1.12]) by relay2.agava.net.ru (Postfix) with ESMTP id 1AC03668B2 for ; Thu, 8 Nov 2001 20:05:21 +0300 (MSK) Received: from localhost (localhost [127.0.0.1]) by hellbell.domain (Postfix) with ESMTP id E97EFCCFC for ; Thu, 8 Nov 2001 20:05:20 +0300 (MSK) Date: Thu, 8 Nov 2001 20:05:20 +0300 (MSK) From: Alexey Zakirov X-X-Sender: Cc: Subject: Re: NIS, rsync, and LDAP Re: sharing /etc/passwd In-Reply-To: <20011108050109.25500.qmail@web14501.mail.yahoo.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 7 Nov 2001, Jano Lukac wrote: > new implementations of the openldap 2 have connections via ssl, or you could > wrap the old openldap 1 through an stunnel. But a small warning: I've been > working about a month now trying to figgure out how to allow users to change > passwords, without luck. I went as far as setting up an ldap v3 with something like a custom passwd(1) program would be pretty trivial. > pam->ldap->sasl->kerberos, no luck. Additionally, I've recently received word > that the openldap c-libs have memory leaks (unsure how true this is); there are They've changed API a bit so any programs must call ldap_memfree after ldap_first_attribute. Older versions of the OpenLDAP libraries didn't require that call. *** WBR, Alexey Zakirov (frank@agava.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message