samba4-ol-mmr
Andrew Bartlett
abartlet at samba.org
Sat Aug 9 04:05:24 GMT 2008
On Fri, 2008-08-08 at 10:38 +0200, Oliver Liebel wrote:
> my proposal:
> in this early test-stage (unencrypted sync)
> we could set up three (ssha-crypted) rootpws for the corresponding
> subcontexts: schema, config, user in slapd.conf
> so we dont need the samba-admin for replication purposes.
> in a later stage (e.g. using sasl-bind with TLS/External) the
> cert-dn can be mapped by authz-regexp to the account we want/need.
That all seems very reasonable. I would like to see SASL used in the end.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20080809/32c5ee5d/attachment.bin
More information about the samba-technical
mailing list