Hello,
Thank you for your detailed explanation, I'm sure it will be great.
I have some short questions:
On Sun, 10 Jun 2001, Jacques A. Vidrine wrote:
> = I extended the implementation to support dynamically loaded
> sources, and ported nss_ldap to use the invented interface. These
> are the patches you referred to. This was a prototype to help me
> understand the issues. They will never be committed, and should
> not be used in production.
By applying these patches (nsswitch & nss_ldap) did you get a proper
working authentication via LDAP? I applied them, but system doesn't know
LDAP's user names. This is my fault or I should even not try this way?
> = I re-did the implementation using a design that I am happy
> with, and interfaces which are agreed-upon-in-principal with the
> NetBSD nsswitch author. In addition to new interfaces, this new
> implementation is reentrant (although YP and our resolver is not).
> A major design goal was to enable the creation of modules that are
> stubs which talk to a long-running daemon that does the hard
> work. PADL.COM's nss_ldap is (IMHO) completely unsuitable for a
> production environment, particularly if you use SSL.
May I see this code anywhere? I can't find info about above way on your
homepage.
> = Eventually I will finish the implementation just described. Left
> to do is updating some resolver-oriented stuff like getaddrinfo,
> and (importantly) creating an nsswitch-ldap daemon.
>
> If someone wants to work on this stuff, I would be happy to hand it
> off after we had sufficient discussion so that I was confident the
> design was understood. Otherwise, please wait. I wish I had finished
> it sooner, but that's how it goes.
No, I'm not able to do this work, but if you need some help (e.g.
testing), I am ready.
Do you have any idea approximately when will you finish it? I think it's
very important.
Best wishes,
Sandor Gyori
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
