From owner-freebsd-current@FreeBSD.ORG Mon May 19 12:45:10 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 55E4237B401 for ; Mon, 19 May 2003 12:45:10 -0700 (PDT) Received: from ns1.gnf.org (ns1.gnf.org [63.196.132.67]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4D67C43F93 for ; Mon, 19 May 2003 12:45:09 -0700 (PDT) (envelope-from gtetlow@gnf.org) Received: from EXCHCLUSTER01.lj.gnf.org (exch01.lj.gnf.org [172.25.10.19]) by ns1.gnf.org (8.12.8p1/8.12.8) with ESMTP id h4JJj7tF027085 for ; Mon, 19 May 2003 12:45:07 -0700 (PDT) (envelope-from gtetlow@gnf.org) Received: from roark.gnf.org ([172.25.24.15]) by EXCHCLUSTER01.lj.gnf.org with Microsoft SMTPSVC(5.0.2195.5329); Mon, 19 May 2003 12:45:09 -0700 Received: from roark.gnf.org (localhost [127.0.0.1]) by roark.gnf.org (8.12.9/8.12.9) with ESMTP id h4JJj8jX048274; Mon, 19 May 2003 12:45:08 -0700 (PDT) (envelope-from gtetlow@gnf.org) Received: (from gtetlow@localhost) by roark.gnf.org (8.12.9/8.12.9/Submit) id h4JJj8Qu048273; Mon, 19 May 2003 12:45:08 -0700 (PDT) (envelope-from gtetlow) Date: Mon, 19 May 2003 12:45:08 -0700 From: Gordon Tetlow To: sdebnath@cs.purdue.edu Message-ID: <20030519194508.GD1950@roark.gnf.org> References: <0E972CEE334BFE4291CD07E056C76ED8DB2DBE@bragi.housing.ufl.edu> <1053365929.3ec916a957190@webmail.purdue.edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="yHmUJ2Jgby4Rx//r" Content-Disposition: inline In-Reply-To: <1053365929.3ec916a957190@webmail.purdue.edu> User-Agent: Mutt/1.4i X-Habeas-SWE-1: winter into spring X-Habeas-SWE-2: brightly anticipated X-Habeas-SWE-3: like Habeas SWE (tm) X-Habeas-SWE-4: Copyright 2002 Habeas (tm) X-Habeas-SWE-5: Sender Warranted Email (SWE) (tm). The sender of this X-Habeas-SWE-6: email in exchange for a license for this Habeas X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this X-Habeas-SWE-9: mark in spam to . X-OriginalArrivalTime: 19 May 2003 19:45:09.0165 (UTC) FILETIME=[278A3DD0:01C31E3F] cc: current@FreeBSD.org Subject: Re: Acceptable LDAP solutions X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2003 19:45:10 -0000 --yHmUJ2Jgby4Rx//r Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, May 19, 2003 at 12:38:49PM -0500, Shawn Debnath wrote: > Sorry about that, we are trying to setup a massive network of boxes, and FreeBSD > will be a go for those if I can get LDAP to work properly for authentication. I > have heard that FreeBSD 5.1 has better support for it, but would like to know if > anyone has tackled it yet. I'm probably the best person to answer this. My current setup and reason to push for a NSS implementation for FreeBSD was to integrate my boxen into my companies Active Directory infrastructure. The short answer is that FreeBSD is in a productionable enough state to get account details out of LDAP if you can live with a couple of hiccups. Most noteably, statically linked binaries (like /bin/ls) won't know anything about accounts from LDAP. Are you planning on storing your passwords in LDAP? Personally, I'm using a Kerberos realm for the authentication piece and LDAP for account details. -gordon --yHmUJ2Jgby4Rx//r Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+yTRERu2t9DV9ZfsRAh1AAJ98PuFNWz5cDBhFHpEQmL5s7vf9NgCgz7Dq QsUUVYzdpSeFEFFCLLk29NA= =xnZq -----END PGP SIGNATURE----- --yHmUJ2Jgby4Rx//r--