Date: Mon, 19 May 2003 12:45:08 -0700 From: Gordon Tetlow <gordont@gnf.org> To: sdebnath@cs.purdue.edu Cc: current@FreeBSD.org Subject: Re: Acceptable LDAP solutions Message-ID: <20030519194508.GD1950@roark.gnf.org> In-Reply-To: <1053365929.3ec916a957190@webmail.purdue.edu> References: <0E972CEE334BFE4291CD07E056C76ED8DB2DBE@bragi.housing.ufl.edu> <1053365929.3ec916a957190@webmail.purdue.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--yHmUJ2Jgby4Rx//r Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, May 19, 2003 at 12:38:49PM -0500, Shawn Debnath wrote: > Sorry about that, we are trying to setup a massive network of boxes, and FreeBSD > will be a go for those if I can get LDAP to work properly for authentication. I > have heard that FreeBSD 5.1 has better support for it, but would like to know if > anyone has tackled it yet. I'm probably the best person to answer this. My current setup and reason to push for a NSS implementation for FreeBSD was to integrate my boxen into my companies Active Directory infrastructure. The short answer is that FreeBSD is in a productionable enough state to get account details out of LDAP if you can live with a couple of hiccups. Most noteably, statically linked binaries (like /bin/ls) won't know anything about accounts from LDAP. Are you planning on storing your passwords in LDAP? Personally, I'm using a Kerberos realm for the authentication piece and LDAP for account details. -gordon --yHmUJ2Jgby4Rx//r Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+yTRERu2t9DV9ZfsRAh1AAJ98PuFNWz5cDBhFHpEQmL5s7vf9NgCgz7Dq QsUUVYzdpSeFEFFCLLk29NA= =xnZq -----END PGP SIGNATURE----- --yHmUJ2Jgby4Rx//r--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030519194508.GD1950>