Hello
> I think "instead of using /etc/passwd and /etc/shadow" is misleading. > Many setups that use LDAP for user auth/info still use /etc/passwd for > system level accounts.
May be an option to have the "system accounts" in /etc/passwd and the user accounts in the ldap server. But the possibility to install the system that way directly from anarconda whould be a big improvement. Indeed a package for managing the ldap server afterwards whould be a dependency to this concept. Maybe IMC from idealix etc.
Including a PKI (using LDAP and/or kerberos) whould give this a complete new glance on the security site (maybe with mail (evolution, thunderbird) direct integration etc.
Sorry for my a bit ebullient coming ideas but I see already primary target in having a M$ 2003 server replacement which even the M$ admins whould prefer before the 2003 server. And in the light of the Novell Linux and NDS (edirectory) efforts, a option to install a directory server becomes more and more a central role of linux.
Roland
Carwyn Edwards wrote:
Roland Käser wrote:
I suggesting only to have an installation option under "Authentification configuration" to install an LDAP Server instead of using /etc/passwd and /etc/shadow.
I think "instead of using /etc/passwd and /etc/shadow" is misleading. Many setups that use LDAP for user auth/info still use /etc/passwd for system level accounts.
I agree though, the whole LDAP/Kerberos server side setup is far more fiddly than it needs to be atm.
Carwyn
