Acceptable LDAP solutions
Gordon Tetlow
gordont at gnf.org
Mon May 19 12:45:10 PDT 2003
On Mon, May 19, 2003 at 12:38:49PM -0500, Shawn Debnath wrote:
> Sorry about that, we are trying to setup a massive network of boxes, and FreeBSD
> will be a go for those if I can get LDAP to work properly for authentication. I
> have heard that FreeBSD 5.1 has better support for it, but would like to know if
> anyone has tackled it yet.
I'm probably the best person to answer this. My current setup and reason
to push for a NSS implementation for FreeBSD was to integrate my boxen
into my companies Active Directory infrastructure.
The short answer is that FreeBSD is in a productionable enough state to
get account details out of LDAP if you can live with a couple of hiccups.
Most noteably, statically linked binaries (like /bin/ls) won't know
anything about accounts from LDAP.
Are you planning on storing your passwords in LDAP? Personally, I'm
using a Kerberos realm for the authentication piece and LDAP for account
details.
-gordon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20030519/68bc47cd/attachment.bin
More information about the freebsd-current
mailing list