LDAP

[Roland Käser]

Hello

 > I think "instead of using /etc/passwd and /etc/shadow" is misleading.
 > Many setups that use LDAP for user auth/info still use /etc/passwd for
 > system level accounts.

May be an option to have the "system accounts" in /etc/passwd and the 
user accounts in the ldap server. But the possibility to install the 
system that way directly from anarconda whould be a big improvement. 
Indeed a package for managing the ldap server afterwards whould be a 
dependency to this concept. Maybe IMC from idealix etc.
Including a PKI (using LDAP and/or kerberos) whould give this a complete 
new glance on the security site (maybe with mail (evolution, 
thunderbird) direct integration etc.
Sorry for my a bit ebullient coming ideas but I see already primary 
target in having a M$ 2003 server replacement which even the M$ admins 
whould prefer before the 2003 server. And in the light of the Novell 
Linux and NDS (edirectory) efforts, a option to install a directory 
server becomes more and more a central role of linux.

Roland



Carwyn Edwards wrote:
> Roland Käser wrote:
> 
>> I suggesting only to have an installation option under 
>> "Authentification configuration" to install an LDAP Server instead of 
>> using /etc/passwd and /etc/shadow.
> 
> 
> 
> I think "instead of using /etc/passwd and /etc/shadow" is misleading. 
> Many setups that use LDAP for user auth/info still use /etc/passwd for 
> system level accounts.
> 
> I agree though, the whole LDAP/Kerberos server side setup is far more 
> fiddly than it needs to be atm.
> 
> Carwyn
>