On 9/1/07, Nicolas Mailhot <nicolas.mailhot@xxxxxxxxxxx> wrote: > We all know active directory is just kerberos+ldap, we've been shipping > kerberos & ldap infrastructure for years (and the fedora directory > server is supposed to be even better), and yet somehow few (if any) ever > use it. Let me tell you my experience. Around the first of this year, I decided to use kerberos+ldap to manage the machines in my research lab. After spending hours reading documentation and experimenting with kerberos and ldap separately, I got everything configured. It was only then that I discovered that libuser doesn't support kerberos+ldap. Not wanting to waste all that time, I eventually went with the solution to be found at http://jjames.fedorapeople.org/libuser/ (note to libuser maintainer: there is likely a bug in libuser that can and should be fixed; see that URL for a hint). However, there don't appear to be any warning signs anywhere telling people to watch out for the kerberos+ldap+libuser combination. At least, I've never seen any. Have you? I didn't try Fedora Directory Server; if I'm reading the web page correctly, I went through all this in the month before it hit Fedora Extras. The question is moot now since I no longer manage a research lab. -- Jerry James http://jjames.fedorapeople.org/ -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
