On Thu, 21 Oct 2004 12:02:13 +0200, Nils Philippsen <nphilipp@xxxxxxxxxx> wrote: > Although you don't necessarily need a graphical login. I'm not sure I like using the argument that expects people to use a console login in which they are unfamiliar to the tools. As more and more wizardy Setting Setting tools get developer to ease the task of administration on for subsystems, you have to expect less proficiency at the commandline among admins in the userbase overall. If openldap authing can be configured without stepping foot into consoleland, having a way to troubleshoot common configuration failure modes of openldap without dropping to console would seem appriopriate. The argument isn't so much about bare minimum 'needs' to get the job done. The argument is, adminsn especially less experienced admins, are going to find ways to use the tools they are comfortable with to solve their defcon 3 problems so it gets solved as quickly as possible. With that preamble in mind.... is "best practise" with regard to openldap or other network authing to have at least one locally authed unprivlegded "operator" as suggested previously in this thread? If so, are their opportunities in the ui tools in Core to strongly suggest or strongarm if not require that such a local operator be created? -jef
