Re: Importing OpenLDAP into base

To: tech-userlevel%NetBSD.org@localhost
Subject: Re: Importing OpenLDAP into base
From: Matthias Scheler <tron%zhadum.org.uk@localhost>
Date: Mon, 28 Apr 2008 10:37:03 +0100


On 23 Apr 2008, at 14:10, Luke Mewburn wrote:

I'd like to propose that we import OpenLDAP into NetBSD.


This is a very good idea. I was considering to propose that myself.

* It appears to be most common protocol for distributed
 user & group authentication across heterogenous systems,
 including Windows (Active Directory), OS X, Solaris,
 most Linux distributions.
 It has replaced NIS for most UNIX systems.

That is the main reason. At work we don't have NIS, "only" LDAP andKerberos.

It is not possible to integrate a NetBSD system into such an environment
without installing a lot of packages.

* Base gets a bit bigger.

Indeed, about 4.7MB under NetBSD-i386. But I think it is worth thedisk space.

* LDAP isn't as lightweight as advertised.


Very true.

* Evaluate & import Tyler Retzlaff's nss_ldap implementation
 (for at least passwd and group databases).

* Write (or commission) a pam_ldap implementation.

From what I've heard "nss_ldap" and "pam_ldap" implementation tendtowardsbeing complicated because they have to deal with networking issues.Would

it perhaps make sense to have an "ldapbind" daemon (similar to "ypbind")
and keep this plugins really light weight?

        Kind regards

--
Matthias Scheler                           http://zhadum.org.uk/

Follow-Ups:
- Re: Importing OpenLDAP into base
  - From: matthew sporleder

References:
- Importing OpenLDAP into base
  - From: Luke Mewburn

Prev by Date: Re: Importing OpenLDAP into base
Next by Date: Reducing libc size
Previous by Thread: Re: Importing OpenLDAP into base
Next by Thread: Re: Importing OpenLDAP into base
Indexes:

Home | Main Index | Thread Index | Old Index