Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 19 May 2003 14:45:13 -0500
From:      Shawn Debnath <sdebnath@purdue.edu>
To:        freebsd-current@freebsd.org
Subject:   Fwd: Re: Acceptable LDAP solutions
Message-ID:  <1053373513.3ec9344922f84@webmail.purdue.edu>

next in thread | raw e-mail | index | archive | help



Hi,

Thanks for replying. Yes, we have a centralized linux LDAP server and all
account information and passwords are stored in it. Why are you using kerberos
instead of LDAP for passwords? Any specific gains from doing this?

Shawn

Quoting Gordon Tetlow <gordont@gnf.org>:

> On Mon, May 19, 2003 at 12:38:49PM -0500, Shawn Debnath wrote:
> > Sorry about that, we are trying to setup a massive network of boxes, and
> FreeBSD
> > will be a go for those if I can get LDAP to work properly for
> authentication. I
> > have heard that FreeBSD 5.1 has better support for it, but would like to
> know if
> > anyone has tackled it yet.
> 
> I'm probably the best person to answer this. My current setup and reason
> to push for a NSS implementation for FreeBSD was to integrate my boxen
> into my companies Active Directory infrastructure.
> 
> The short answer is that FreeBSD is in a productionable enough state to
> get account details out of LDAP if you can live with a couple of hiccups.
> Most noteably, statically linked binaries (like /bin/ls) won't know
> anything about accounts from LDAP.
> 
> Are you planning on storing your passwords in LDAP? Personally, I'm
> using a Kerberos realm for the authentication piece and LDAP for account
> details.
> 
> -gordon
> 


-- 

----- End forwarded message -----


-- 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1053373513.3ec9344922f84>