* Joerg Sonnenberger <[EMAIL PROTECTED]> [1043 12:43]: > On Sat, Oct 30, 2004 at 12:20:58PM +0100, Dick Davies wrote: > > Trouble is openldap is one of those things everyone wants to configure > > themselves - do you enable SASL support or not, what backends do you use > > etc? > > IIRC SASL is pretty mandatory to correctly implement LDAP v3. Bigger > question is GSSAPI (Kerberos 5!) and the backend. > > [..] > > And it raises other questions, for example how do you handle mergemaster > > when half your accounts are in LDAP and not the system databases? > > You should _not_ put system accounts into LDAP, that's that just wrong. > So having them in the local database (whatever type that is) should work > fine with mergemaster.
I can see why you say that, but there are times when it's useful (rsyncing between different OSes for starters where you want to preserve permissions, for example - you don't have to ensure that all /etc/passwd, /etc/shadow, whatever happen to have the same uid listed in this case). -- The pie is ready. You guys like swarms of things, right? - Bender Rasputin :: Jack of All Trades - Master of Nuns _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
