Gary Mills wrote:
On Sun, Dec 03, 2006 at 05:33:15PM -0800, Jo Rhett wrote:
Gary Mills wrote:
We've had excellent sendmail/cyrus integration for years, with
35,000 users. It's done by having all users in the NIS map on
the mail server. No modification to sendmail is necessary because
getpwnam() returns the passwd entry for the user. Users can't log
in to the mail server, of course, because PAM rules prevent that.
The same thing could be done with other user databases, such as
LDAP. Why would you ever need a different form of integration?
We've done the same by putting all user accounts into virtusertable with
the no-recursion option.
That said, it does require something to take user accounts and export
them into virtusertable/nis maps/etc. So this approach is technically
superior to what you and I are doing.
Well, unless you are offering only e-mail service, you have to do that
anyway. We offer many services to all, or subsets, of our users.
Having them all in one database is very convenient. For example, we
have a web portal that authenticates users from the same database as
the e-mail server.
Yes, but again you're not making a good argument for why they should be
forced to create a centralized database if they don't have one already.
Yes, if you already have all this information in another form you don't
have this problem today. So you don't need this project.
This project would help people without that centralized database, or who
want updates to the good user list to happen in realtime rather than
after an export of data.
--
Jo Rhett
Network/Software Engineer
Net Consonance
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
