Re: LDAP configuration (Was: What do you want to do)
- To: firstname.lastname@example.org
- Subject: Re: LDAP configuration (Was: What do you want to do)
- From: Petter Reinholdtsen <email@example.com>
- Date: 10 Nov 2002 23:59:15 +0100
- Message-id: <firstname.lastname@example.org>
- In-reply-to: <email@example.com>
- References: <20020915124514.GA25412@home.ouaza.com> <3D87CC66.firstname.lastname@example.org> <email@example.com>
> Skolelinux is working on automatic LDAP configuration. Authentication
> is already working, and we plan to enable LDAP on the email server and
> web services as well. We ran into a more serious problem when we
> discovered that NSS-LDAP don't support netgroups. We need netgroups.
> Another problem is the fact that the LDAP packages in Woody do not use
> SSL. SSL is needed to avoid sending unencrypted passwords over the
> net. A third problem is that it is impossible to umount /usr/ when
> using nss-ldap. libldap is in /usr/lib/. :-(
The third problem is solved by replacing bash with ash as /bin/sh.
But I believe there is another problem lurking in the shadows. I'm
told that automatic failover from one LDAP server to another to not
work in the OpenLDAP libraries. Anyone know more?
(BTW: I've made a simple howto on how to add a new language to
Skolelinux. Check out
if you are interested in using Skolelinux in your own language. :-)