On Tuesday, June 14, 2005 2:44 pm, Paul de Vrieze wrote: > You know that the "normal" way of doing this is to use ldap and krb5
In my opinion, LDAP, by design, is a piece of garbage. I understand the principle of its design, however I've never found that design to be beneficial for my needs. Before I made the switch to a MySQL-backed database to store the account information, I was using OpenLDAP; it just couldn't do the job. > pam_ldap, mod_auth_pam, apache2, and mod_dav_svn seem to not be able to > work together reliably. There is some kind of strange issue there that's > very hard to diagnose. Using direct ldap authentication does work. It's not the user authentication that's the problem, but rather that NSVS denies shadow access (appropriately) even though I don't personally need that requirement. I think, after a night's rest and a bit of thought, that I'll just add a USE flag to the NSVS ebuild to allow users to patch out that built-in restriction. -- Anthony Gorecki Ectro-Linux Foundation
pgpRKpg7A3tF8.pgp
Description: PGP signature
