On Sat, 2007-09-01 at 21:59 -0600, Jerry James wrote: > Let me tell you my experience. Around the first of this year, I > decided to use kerberos+ldap to manage the machines in my research > lab. After spending hours reading documentation and experimenting > with kerberos and ldap separately, I got everything configured. It > was only then that I discovered that libuser doesn't support > kerberos+ldap. James, I made some patches to make libuser a bit more friendly to SASL/GSSAPI recently, but the problem with libuser is that it is built around the /etc/passwd and its 5 fields |(+ shadow and its few more fields) only. Libuser lacks the breadth to manage anything based on ldap, which is extensible and more complex even with the current very basic objectClasses available. In FreeIPA we are try to come up with better tools to deal with the specifics of an extensible infrastructure. Simo. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
