FC2 and general LDAP Support

[Nils O. Selåsdal]

On Thu, 2003-11-27 at 01:50, Ulrich Drepper wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Lengthy thread, but I still want to add my 2¢.
> 
> Making LDAP the default is overkill for a lot of people.  Centralized
> administration is useful in larger networks and maybe even in some home
> networks.  My home network certainly qualifies as not-small but I still
> wouldn't want it since I have different configurations on the different
> machines.  LDAP must be introduced on demand, and not forced upon one.
> 
> BTW: it's not only the LDAP daemon which is needed, every machine in the
> network would also have to use nscd.  Without it LDAP can be, ehm, slow.
> 
> 
> What I completely agree with is that the LDAP integration into the
> distribution isn't as good as it could get (euphemism).  Every time I
> have to install it I do something wrong and it ends up costing me hours.
> 
> So, what I'd suggest as a first step is writing some meta RPMs which do
> the conversion for you.  This Sun jvm RPM which has been repeatedly
> mentioned here is a splendid idea: don't distribute the code, just a way
> to make it work.  Make the code a dependency.
> 
> Same can be done for the LDAP stuff.  Make an RPM which requires all the
> LDAP components which then does all or parts of this list:
> 
> ~ create a key for the server
> ~ run the migration scripts
> ~ make the ldap nss module used locally
> ~ make sure nscd is running
> ~ eventually replace programs like useradd with useradd.ldap
> ~ create a script the admin can run on the other machines in the network
> ~ etc etc
Authconfig allows you to do atleast half of this. Atleast most things
needed at the client side. What is more needed is an administration
application. Capable of doing what gq does today, but also more 
specialized features such as initializing the ldap server.

-- 
Vennlig hilsen/Best Regards
Nils Olav Selåsdal
System Engineer
UtelSystems a/s

w w w . u t e l s y s t e m s . c o m