tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Importing OpenLDAP into base

On Fri, Apr 25, 2008 at 04:48:35PM +0200, Anders Magnusson wrote:
  | Anyway, that said, I think NetBSD really should go towards using 
  | ldap+kerberos
  | as some sort of standard solution for network environment.

This has merit, and prior art (AFAIK, it's basically what
"Active Directory" is.)

Having good documentation and defaults for getting both
client and server Kerberos+LDAP setups would be a worthwhile
benefit, since neither is reknowned for being "easy" to setup.

  | What I would like to have is a lightweight version of an ldap server 
  | that would be
  | basically just to store the basic system information just like YP, and 
  | not as many
  | fancy features.  If people would want those features then use openldap 
  | or iplanet
  | instead.
  | Hm, thinking about it, I do not think it would be especially difficult 
  | to write such
  | an ldap server.  Would it be interesting?  Luke, can you wait a week or 
  | so before
  | importing openldap?  I can take a quick look at it and come back with an 
  | estimate.


Most of my impetus was in getting client LDAP code that can be used
by various in-tree applications as well as which implementation of
nss_ldap and pam_ldap we select.

There's nothing prevent us having dist/openldap with reachover
makefiles for the client code, and provide a separate server if
that turns out to be the "best" solution for the default install.

Attachment: pgpxVBtqj_ALs.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index