[CFT] ypldap testing against OpenLDAP and Microsoft Active Directory
Matthew Seaman
matthew at FreeBSD.org
Thu Jun 9 22:49:59 UTC 2016
On 09/06/2016 18:34, Craig Rodrigues wrote:
> There is still value to ypldap as it is now, and getting feedback from
> users (especially Active Directory) would be very useful.
> If someone could document a configuration which uses IPSEC or OpenSSH
> forwarding, that would be nice.
>
> In future, maybe someone in OpenBSD or FreeBSD will implement things like
> LDAP over SSL.
What advantages does ypldap offer over nss-pam-ldapd (in ports) ?
nss-pam-ldapd can use both ldap+STARTTLS or ldaps to encrypt data in
transit, and I find it works very well for using OpenLDAP as a central
account database. I believe it works with AD, but haven't tried that
myself.
Cheers,
Matthew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 931 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20160609/bb568583/attachment.sig>
More information about the freebsd-current
mailing list