Re: RFC: Going the LDAP/Kerberos way with NetBSD.

[Anders Magnusson <ragge%ludd.ltu.se@localhost>]

Manuel Bouyer wrote:
> On Tue, Apr 29, 2008 at 05:16:55PM +0200, Anders Magnusson wrote:
>   
>> After Luke's mail on integrating OpenLDAP, I think it may be a good time 
>> to re-think how NetBSD works
>> in both stand-alone and small network environment. I have some ideas 
>> here, please comment on them
>> for things I have missed :-)
>>
>> machines, to join it to an environment
>>  of other NetBSD machines or machines with other OSes.
>>
>> [...]
>> To summary up (so that the mail do not get too long and people do not 
>> care to read it), I think
>> something like this:
>>
>> - Deliver NetBSD with my small LDAP server, which can be a daemon that 
>> always runs on the machine.
>>  Let pwd_mkdb et al write the stuff directly into the LDAP database.  
>> (I assume that passwd can generate
>>  the Kerberos encryption keys as well, for eventual future kdc use?)  
>> Have a command similar to ypmake
>>  that put groups etc.  in the LDAP directory as well.  This is the 
>> default config for a newly-installed machine.
>>     
>
> Is the "LDAP database" just files that a daemon can export to other hosts
> if needed, or is the daemon needed for a standalone configuration too ?
> Is it possible to run a standalone NetBSD without any LDAP daemon running
> in your proposal ?
Yes, of course, in many (most?) situations a machine is only a
standalone system
which has no need for ldap at all...

-- Ragge