Re: vectoring IRC / Jabber logins to AD?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Craig White wrote:

----
The point of authenticating against LDAP is rarely do you only want
user/id authentication but you also want address books/user lists and
other attributes that can be useful such as e-mail address.
But those may or may not be the same ones you'd find in AD.
----
any reasonable LDAP implementation allows you to define the DN (or DN's)
to be used for various purposes

But the people managing AD may have no interest in supporting other applications.

----
In addition, jabber servers do have to store attributes about users so
there's little to be served by marrying PAM functions in.
I'd settle for not having yet another password.
----
sure - makes sense - how many different jabber servers are you running?

A couple, currently used by small sets of people but it's likely to expand (the people, not necessarily the servers). I want to set up at least one of them with OpenNMS spewing its notifications into a multiuser chat room that the network operators can join.

----
What you should have noticed here Les, is that Windows AD users are
mostly clueless to how LDAP works and integrating Windows AD/LDAP into
other software is a challenge for them.
Which is why you'd want to set up PAM once, not login/ssh/imap/pop/http/smtp/samba and all those other applications that want a password. Especially when you want to be able to add local accounts in addition to using a network authentication mechanism.
----
sure - makes sense - how many different jabber servers are you running?

You are simply looking through a lens that says corporate users,
corporate login accounts, etc. That's fine but I get the distinct
impression that it is hardly the typical setup.

When someone mentions AD, I'd assume corporate users, existing logins, existing passwords and password change policy - and probably some MS-centric people managing it who may not want to help glue on some open-source parts.

--
  Les Mikesell
    lesmikesell@xxxxxxxxx





_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux