trying to correctly handle account passwords via ldap
Andrew Bartlett
abartlet at samba.org
Tue Mar 28 03:17:18 GMT 2006
On Mon, 2006-03-27 at 22:11 -0500, Simo Sorce wrote:
> On Tue, 2006-03-28 at 12:47 +1000, Andrew Bartlett wrote:
> Sure, I'm not for password lock in, I just want to be compatible.
In LDAP, you only get what you ask for. I think this gives us great
opportunities to provide administrators, without modification of
binaries or low-level commands, the ability to access information they
need.
We can (and probably should) mark these as operational attributes, but I
don't see any reason why we can't expose them. Perhaps you understand
the compatibility problems better than I do.
I think we will have plenty of extra logic in the replication
implementation, that dealing with/mapping a few extra attributes won't
be too hard (particularly if we use different names).
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20060328/6dbef760/attachment.bin
More information about the samba-technical
mailing list