From owner-freebsd-current@FreeBSD.ORG Fri Aug 25 00:04:39 2006 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 45FDF16A4E7 for ; Fri, 25 Aug 2006 00:04:39 +0000 (UTC) (envelope-from tmclaugh@sdf.lonestar.org) Received: from straycat.dhs.org (c-24-63-86-11.hsd1.ma.comcast.net [24.63.86.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id E4F2A43D55 for ; Fri, 25 Aug 2006 00:04:35 +0000 (GMT) (envelope-from tmclaugh@sdf.lonestar.org) Received: from bofh.straycat.dhs.org (bofh.straycat.dhs.org [192.168.2.68]) by straycat.dhs.org (8.13.4/8.13.4) with ESMTP id k7P047Ql005315; Thu, 24 Aug 2006 20:04:08 -0400 (EDT) From: Tom McLaughlin To: Brooks Davis In-Reply-To: <20060823144347.GB24652@lor.one-eyed-alien.net> References: <44E9582C.2010400@rsu.ru> <44EAA213.6010507@delphij.net> <002901c6c5ba$628b67d0$9800a8c0@carrera> <86hd0423zk.fsf@xps.des.no> <44EB302A.7010106@rsu.ru> <20060823121157.yawh6f8e844w4osc@netchild.homeip.net> <86u043znbz.fsf@xps.des.no> <20060823144347.GB24652@lor.one-eyed-alien.net> Content-Type: text/plain Date: Thu, 24 Aug 2006 20:03:13 -0400 Message-Id: <1156464193.1394.14.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.6.3 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit Cc: Dag-Erling Sm?rgrav , freebsd-current@freebsd.org, LI Xin , Michael Bushkov , Alexander Leidinger Subject: Re: [HEADS UP]: OpenLDAP+nss_ldap+nss_modules separated patch and more (SoC) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Aug 2006 00:04:39 -0000 On Wed, 2006-08-23 at 09:43 -0500, Brooks Davis wrote: > On Wed, Aug 23, 2006 at 01:46:40PM +0200, Dag-Erling Sm?rgrav wrote: > > Alexander Leidinger writes: > > > Michael Bushkov writes:(from Tue, 22 Aug 2006 > > > > So, after all, I'd prefer to leave libldap (and nss_ldap, which can > > > > also conflict with PADL's nss_ldap) as is and let users use > > > > WITHOUT_LDAP and WITHOUT_NSS_LDAP when appropriate. > > > If someone doesn't like the base system libldap, but wants the > > > nss_ldap stuff, this way will not work out. While building the base > > > system, no 3rd party libs are known to the build infrastructure. > > > > Wrong. It is already possible in today's tree to build the base > > system's Kerberos with OpenLDAP support using the OpenLDAP port, and > > there are similar provisions for using OpenSSL from ports. > > It's also possible to build sendmail with SASL support: > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html > Will it also be possible to build openldap in base with SASL support? My understanding is Windows AD environments by default require all connections to be authenticated via kerberos. (It's also a requirement for the samba+openldap+krb5 setup I'm doing for work. ;) I saw a comment about adding support for krb5_ccname in the config file. That's a very useful option in the PADL version so I'm guessing this was written with supporting SASL in mind? Thanks. tom (Hell, let's import Cyrus-SASL too. It's BSD licensed!... Alright, I'll stop since this ins't my area of the repo. :) -- | tmclaugh at sdf.lonestar.org tmclaugh at FreeBSD.org | | FreeBSD http://www.FreeBSD.org | | BSD# http://www.mono-project.com/Mono:FreeBSD |