Making LDAP easier to use
Bernardo Innocenti
bernie at develer.com
Fri May 26 00:38:45 UTC 2006
Felipe Alfaro Solana wrote:
>> Most tools are there already, but not designed or tested
>> to work well together. And it's because very few people
>> go through the pain of setting up an LDAP-based LAN.
>
> I have set up some LDAP-based LAN's and I think that, although not
> straightforward as installing Linux and clicking Next, Next, Next,
> i'ts not as difficult as it could seem.
Really? Have you imported and existing userbase? Did you
enable TLS? Replication? Kerberos? SASL?
After months of occasional research and fiddling, I'm still unable
to do effective Single Sign On for the intranet services
(IMAP, Apache, NFS...) with any of the clients (NT, Linux, OSX).
> You can use "libuser", which supports several backends, being LDAP on
> of then. I'm using
> luseradd/lusermod/luserdel/lgroupadd/lgroupdel/lgroupmod from libuser
> to manage my LDAP users and its work very well.
Looks nice!
I'm currently unable to make any changes because of this:
Error initializing libuser: could not negotiate TLS with LDAP server.
And it's weird, because I've configured my ldap.conf to use
the ldapi socket locally and no TLS is needed for the other
tools I use.
--
// Bernardo Innocenti - Develer S.r.l., R&D dept.
\X/ http://www.develer.com/
More information about the fedora-devel-list
mailing list