On Thu, 2004-10-21 at 09:28 -0400, Jeff Spaleta wrote:
> On Thu, 21 Oct 2004 12:02:13 +0200, Nils Philippsen <nphilipp@xxxxxxxxxx> wrote:
> > Although you don't necessarily need a graphical login.
>
> I'm not sure I like using the argument that expects people to use a
> console login in which they are unfamiliar to the tools. As more and
The user can then still login on the command line and run startx as
others have pointed out ;-). Seriously, system-config-authentication
could just run authconfig when not running in X.
> more wizardy Setting Setting tools get developer to ease the task of
> administration on for subsystems, you have to expect less proficiency
> at the commandline among admins in the userbase overall. If openldap
> authing can be configured without stepping foot into consoleland,
> having a way to troubleshoot common configuration failure modes of
> openldap without dropping to console would seem appriopriate. The
> argument isn't so much about bare minimum 'needs' to get the job done.
> The argument is, adminsn especially less experienced admins, are going
> to find ways to use the tools they are comfortable with to solve their
> defcon 3 problems so it gets solved as quickly as possible.
>
> With that preamble in mind.... is "best practise" with regard to
> openldap or other network authing to have at least one locally authed
> unprivlegded "operator" as suggested previously in this thread? If so,
> are their opportunities in the ui tools in Core to strongly suggest or
> strongarm if not require that such a local operator be created?
Good idea.
Nils
--
Nils Philippsen / Red Hat / nphilipp@xxxxxxxxxx
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- B. Franklin, 1759
PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011
