On Wed, Jun 01, 2005 at 01:59:19PM -0400, Elliot Lee wrote: > Maybe it's time to start the brainstorming for Fedora Core 5 and Fedora > Extras 5 - what major features are you willing to put effort into? Improved Kerberos/Active Directory support? I asked last week about establishing a standard for keytabs. Noone replied. It would be nice to have a way for authconfig/anaconda to make a system join an AD realm. This is trickier than joining a realm managed by MIT Kerberos. The case where you have a domain administrator at the keyboard is more or less handled by Samba 3's "net ads join", but that's only one of the possible scenarios. I have been trying to tweak Samba to handle another scenario: a computer account has already been created in the directory and you have the account's password. Now you need to create the host principal (for ssh and the like to work), as well as additional principals for httpd and other services. For the time being I can see this done in post-install kickstart scriptlets, because it relies on Samba's net command. Hopefully with Samba4 things could be made easier to integrate. Authconfig would be involved in creating (if needed) the LDAP mappings necessary to convert the Services for Unix schema to the RFC2037 schema that nss_ldap uses: http://enterprise.linux.com/enterprise/04/12/09/2318244.shtml?tid=102&tid=101&tid=100 Something like that should remove yet another barrier to Linux adoption. -- Rudi -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-devel-list
