Re: LDAP configuration (Was: What do you want to do)

To: debian-edu@lists.debian.org
Subject: Re: LDAP configuration (Was: What do you want to do)
From: Petter Reinholdtsen <pere@hungry.com>
Date: 10 Nov 2002 23:59:15 +0100
Message-id: <2flr8dtdoak.fsf@saruman.uio.no>
In-reply-to: <2fl65x2pgdq.fsf_-_@saruman.uio.no>
References: <20020915124514.GA25412@home.ouaza.com> <3D87CC66.6080705@golgotha.net> <2fl65x2pgdq.fsf_-_@saruman.uio.no>

[Petter Reinholdtsen]
> Skolelinux is working on automatic LDAP configuration.  Authentication
> is already working, and we plan to enable LDAP on the email server and
> web services as well.  We ran into a more serious problem when we
> discovered that NSS-LDAP don't support netgroups.  We need netgroups.
> Another problem is the fact that the LDAP packages in Woody do not use
> SSL.  SSL is needed to avoid sending unencrypted passwords over the
> net.  A third problem is that it is impossible to umount /usr/ when
> using nss-ldap.  libldap is in /usr/lib/. :-(

The third problem is solved by replacing bash with ash as /bin/sh.

But I believe there is another problem lurking in the shadows.  I'm
told that automatic failover from one LDAP server to another to not
work in the OpenLDAP libraries.  Anyone know more?

(BTW: I've made a simple howto on how to add a new language to
  Skolelinux.  Check out
  <URL:http://developer.skolelinux.no/info/oppsett/new-language.html>
  if you are interested in using Skolelinux in your own language. :-)

Reply to:

Prev by Date: Re: [stephane.wirtel@belgacom.net: a presentation of DebianEDU in Belgium]
Previous by thread: Re: [stephane.wirtel@belgacom.net: a presentation of DebianEDU in Belgium]
Index(es):
- Date
- Thread