On 01/04/2008, Mike Meyer <[EMAIL PROTECTED]> wrote: > On Tue, 01 Apr 2008 15:00:05 +0200 Ivan Voras <[EMAIL PROTECTED]> wrote: > > > > > > Why OpenLDAP? Why not one of the other ldap implementations available > > > in the ports? In particular, do any of them already have plugins for > > > use with pam? > > > > What are the other LDAP implementations in ports? Especially the ones > > that are actively maintained (which excludes tinyldap)? Any compliant > > LDAP server with proper schemas will "support" PAM. > > Why does it need to be actively maintained? After all, if we're going > to pull it into the base system, we'll have to find someone to > actively maintain the code in the base system. If no one is > maintaining the code externally, that in some ways makes their job > easier.
Because history shows that even currently supported software (bind, sendmail, gcc) are hard to maintain :) It would take a person to pick up actively maintaining a software if its practically dead before even thinking of putting it in base. (Though those things could happen simultaneously - someone picking it up and putting it in base, the probability is very low). > And I didn't say "support", I said "already have plugins". Sure, > anything can be connected to PAM if you can get someone to write the > plugins. Or are you saying there's already an ldap plugin that uses > ldap schemas? Yes. I've been using pam_ldap and nss_ldap soon after they were available on FreeBSD (i.e. somewhere in the 5.x lifecycle). These support any LDAP server that has proper schemas (think of "LDAP schema" as a struct in C or a SQL table structure...). _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"