Re: RFC: Going the LDAP/Kerberos way with NetBSD.

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

On Tue, Apr 29, 2008 at 05:16:55PM +0200, Anders Magnusson wrote:
> After Luke's mail on integrating OpenLDAP, I think it may be a good time 
> to re-think how NetBSD works
> in both stand-alone and small network environment. I have some ideas 
> here, please comment on them
> for things I have missed :-)
> 
> machines, to join it to an environment
>  of other NetBSD machines or machines with other OSes.
> 
> [...]
> To summary up (so that the mail do not get too long and people do not 
> care to read it), I think
> something like this:
> 
> - Deliver NetBSD with my small LDAP server, which can be a daemon that 
> always runs on the machine.
>  Let pwd_mkdb et al write the stuff directly into the LDAP database.  
> (I assume that passwd can generate
>  the Kerberos encryption keys as well, for eventual future kdc use?)  
> Have a command similar to ypmake
>  that put groups etc.  in the LDAP directory as well.  This is the 
> default config for a newly-installed machine.

Is the "LDAP database" just files that a daemon can export to other hosts
if needed, or is the daemon needed for a standalone configuration too ?
Is it possible to run a standalone NetBSD without any LDAP daemon running
in your proposal ?

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--