Interoperable junctions on Linux

Matt W. Benjamin matt at
Tue Apr 23 12:43:01 MDT 2013

----- "Simo Sorce" <simo at> wrote:

> Well I have some knowledge in this field, and I do not find it very
> fiddly, but I may be biased as I have been working for the past 7
> years
> to make LDAP+Kerberos simple to manage within the FreeIPA project.
> Your requirement to set an objectclass on the base suffix is something
> I
> find particularly unappealing, and no other tool that I know of
> requires
> this (because it is unnecessary).

Yes.  Thank you.

> > 
> I think you should allow the broadest possibilities of course, which
> is
> why I am picking on things like allowing SSAL/GSSAPI explicitly in
> the
> RFC language. Whether people will integrate into existing LDAP server
> or
> not remains to be seen, if we can avoid the need to add an objectlass
> on
> the root suffix I see that we can easily add this a standard feature
> for
> FreeIPA as well (we already provide automount data for example) and
> provide management tools in our framework around it.

I noted this point on a FedFS concall 2 years ago.  I dont understand why
not -permit- easy integration with existing LDAP infrastructure.

Matt Benjamin
The Linux Box
206 South Fifth Ave. Suite 150
Ann Arbor, MI  48104

tel.  734-761-4689 
fax.  734-769-8938 
cel.  734-216-5309 

More information about the samba-technical mailing list