openldap authentication on DragonFly BSD

Justin Sherrill justin at shiningsilence.com
Wed Nov 27 20:11:02 PST 2013


I don't think any of the methods suggested are bad ideas.

A better way to say that might be "first one implemented, wins."
On Nov 26, 2013 11:14 PM, "Predrag Punosevac" <punosevac72 at gmail.com> wrote:

> Dan Cross <crossd at gmail.com> wrote:
>
> > On Tue, Nov 26, 2013 at 7:59 PM, Justin Sherrill <
> justin at shiningsilence.com>
> > wrote:
> > >
> > > On Sun, Nov 24, 2013 at 9:30 PM, Predrag Punosevac <
> punosevac72 at gmail.com>
> > wrote:
> > >>
> > >> I was wondering if somebody could point me to documentation explaining
> > >> how to configure DragonFly BSD to authenticate its users vis LDAP
> > >> server. I will briefly describe LDAP requirement.
> > >
> > >
> > > DragonFly compiles /bin and /sbin as static binaries, which is good if
> > you are worried about a problem making /usr unavailable. However, nss/pam
> > assume you have dynamic binaries and use that to load libraries, so that
> > can't be used - yet.  There's been some discussion of it previously,
> > including today on IRC #dragonfly, and some work there, but it isn't yet
> > set up.
> > >
> > > I may have some of the details wrong - someone can correct me if so.  I
> > could certainly use it.
> >
> > I can't comment on the correctness, but this is one thing I kind of thing
> > OpenBSD gets right with their login_* framework: rather than link against
> > something, just use a separate binary to do the authentication.  PAM
> always
> > struck me as a solution looking for a wrong problem.
> >
> >         - Dan C.
>
> An alternative approach would be System Security Services Daemon (SSSD)
> from Red Hat. I have not compared to SSSD to OpenBSD's ypldapd much but
> it was breeze to set up and works so far really well.
>
> Predrag
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20131127/37d4e15d/attachment-0001.htm>


More information about the Users mailing list