Am Montag, den 19.03.2007, 05:40 +0900 schrieb John Summerfield: > You can authenticate against AD. > > In principal you could use standard LDAP tools to extract the info and > insert it into openldap, but I don't know about passwords, and probably > you will want to keep AD anyway. > AD is more or less LDAP + Kerberos 5 you can always use nss_winbindd or nss_ldap (which requires MSSFU schema extensions in the AD) + pam_krb5 or even a kerberized mailserver to do authentication. In fact you can even forget the nss-stuff if you use a mailserver that doesn't require users to have a system account (e.g. cyrus-imapd) You *cannot* forbid root to do anything. And if you could you woudln't want to do it. The only way I could think of is enctypting the mailstore with the users password, but if a user forgets his password you're lost. kind regards, Andreas Rogge
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
