On Tue, 2008-04-22 at 13:00 -0500, Les Mikesell wrote:
> Craig White wrote:
> > >
> >>> The way you've posed the question, it has nothing to do with CentOS, so I am
> >>> unsurprised you got crap for it on IRC.
> >> I thought one of the big deals in Centos was the ability to configure
> >> PAM to authenticate anywhere you want and all the apps use the same
> >> settings? Isn't that true, or aren't there any jabber/IRC servers that
> >> are bundled properly into the distribution?
> >>
> >> This sounds very much like a distro-centric question to me, even if the
> >> answer turns out to be that Centos doesn't provide that.
> > ----
> > actually no.
> >
> > I am currently using ejabberd and it is not common to authenticate
> > 'real' users but certain possible.
>
> Are you speaking for places that actually have all of their users in AD
> when you say it is not common authenticate real users?
----
I'm talking about jabber implementations. I get the impression from the
couple I have set up that the authors don't consider authenticating
'system users' aka 'real users' as their primary usage
----
>
> > The point of authenticating against LDAP is rarely do you only want
> > user/id authentication but you also want address books/user lists and
> > other attributes that can be useful such as e-mail address.
>
> But those may or may not be the same ones you'd find in AD.
----
any reasonable LDAP implementation allows you to define the DN (or DN's)
to be used for various purposes
----
>
> > In addition, jabber servers do have to store attributes about users so
> > there's little to be served by marrying PAM functions in.
>
> I'd settle for not having yet another password.
----
sure - makes sense - how many different jabber servers are you running?
----
>
> > What you should have noticed here Les, is that Windows AD users are
> > mostly clueless to how LDAP works and integrating Windows AD/LDAP into
> > other software is a challenge for them.
>
> Which is why you'd want to set up PAM once, not
> login/ssh/imap/pop/http/smtp/samba and all those other applications that
> want a password. Especially when you want to be able to add local
> accounts in addition to using a network authentication mechanism.
----
sure - makes sense - how many different jabber servers are you running?
You are simply looking through a lens that says corporate users,
corporate login accounts, etc. That's fine but I get the distinct
impression that it is hardly the typical setup.
Craig
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
