Date: Thu, 24 Aug 2006 20:03:13 -0400 From: Tom McLaughlin <tmclaugh@sdf.lonestar.org> To: Brooks Davis <brooks@one-eyed-alien.net> Cc: Dag-Erling Sm?rgrav <des@des.no>, freebsd-current@freebsd.org, LI Xin <delphij@delphij.net>, Michael Bushkov <bushman@rsu.ru>, Alexander Leidinger <Alexander@Leidinger.net> Subject: Re: [HEADS UP]: OpenLDAP+nss_ldap+nss_modules separated patch and more (SoC) Message-ID: <1156464193.1394.14.camel@localhost> In-Reply-To: <20060823144347.GB24652@lor.one-eyed-alien.net> References: <44E9582C.2010400@rsu.ru> <44EAA213.6010507@delphij.net> <002901c6c5ba$628b67d0$9800a8c0@carrera> <86hd0423zk.fsf@xps.des.no> <44EB302A.7010106@rsu.ru> <20060823121157.yawh6f8e844w4osc@netchild.homeip.net> <86u043znbz.fsf@xps.des.no> <20060823144347.GB24652@lor.one-eyed-alien.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 2006-08-23 at 09:43 -0500, Brooks Davis wrote: > On Wed, Aug 23, 2006 at 01:46:40PM +0200, Dag-Erling Sm?rgrav wrote: > > Alexander Leidinger <Alexander@Leidinger.net> writes: > > > Michael Bushkov <bushman@rsu.ru> writes:(from Tue, 22 Aug 2006 > > > > So, after all, I'd prefer to leave libldap (and nss_ldap, which can > > > > also conflict with PADL's nss_ldap) as is and let users use > > > > WITHOUT_LDAP and WITHOUT_NSS_LDAP when appropriate. > > > If someone doesn't like the base system libldap, but wants the > > > nss_ldap stuff, this way will not work out. While building the base > > > system, no 3rd party libs are known to the build infrastructure. > > > > Wrong. It is already possible in today's tree to build the base > > system's Kerberos with OpenLDAP support using the OpenLDAP port, and > > there are similar provisions for using OpenSSL from ports. > > It's also possible to build sendmail with SASL support: > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html > Will it also be possible to build openldap in base with SASL support? My understanding is Windows AD environments by default require all connections to be authenticated via kerberos. (It's also a requirement for the samba+openldap+krb5 setup I'm doing for work. ;) I saw a comment about adding support for krb5_ccname in the config file. That's a very useful option in the PADL version so I'm guessing this was written with supporting SASL in mind? Thanks. tom (Hell, let's import Cyrus-SASL too. It's BSD licensed!... Alright, I'll stop since this ins't my area of the repo. :) -- | tmclaugh at sdf.lonestar.org tmclaugh at FreeBSD.org | | FreeBSD http://www.FreeBSD.org | | BSD# http://www.mono-project.com/Mono:FreeBSD |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1156464193.1394.14.camel>