Interoperable junctions on Linux
Matt W. Benjamin
matt at linuxbox.com
Tue Apr 23 12:43:01 MDT 2013
----- "Simo Sorce" <simo at redhat.com> wrote:
>
> Well I have some knowledge in this field, and I do not find it very
> fiddly, but I may be biased as I have been working for the past 7
> years
> to make LDAP+Kerberos simple to manage within the FreeIPA project.
> Your requirement to set an objectclass on the base suffix is something
> I
> find particularly unappealing, and no other tool that I know of
> requires
> this (because it is unnecessary).
Yes. Thank you.
> >
>
> I think you should allow the broadest possibilities of course, which
> is
> why I am picking on things like allowing SSAL/GSSAPI explicitly in
> the
> RFC language. Whether people will integrate into existing LDAP server
> or
> not remains to be seen, if we can avoid the need to add an objectlass
> on
> the root suffix I see that we can easily add this a standard feature
> for
> FreeIPA as well (we already provide automount data for example) and
> provide management tools in our framework around it.
I noted this point on a FedFS concall 2 years ago. I dont understand why
not -permit- easy integration with existing LDAP infrastructure.
--
Matt Benjamin
The Linux Box
206 South Fifth Ave. Suite 150
Ann Arbor, MI 48104
http://linuxbox.com
tel. 734-761-4689
fax. 734-769-8938
cel. 734-216-5309
More information about the samba-technical
mailing list