[CFT] ypldap testing against OpenLDAP and Microsoft Active Directory
Peter Wemm
peter at wemm.org
Fri Jun 10 14:29:09 UTC 2016
On 6/9/16 6:49 PM, Matthew Seaman wrote:
> On 09/06/2016 18:34, Craig Rodrigues wrote:
>> There is still value to ypldap as it is now, and getting feedback from
>> users (especially Active Directory) would be very useful.
>> If someone could document a configuration which uses IPSEC or OpenSSH
>> forwarding, that would be nice.
>>
>> In future, maybe someone in OpenBSD or FreeBSD will implement things like
>> LDAP over SSL.
>
> What advantages does ypldap offer over nss-pam-ldapd (in ports) ?
> nss-pam-ldapd can use both ldap+STARTTLS or ldaps to encrypt data in
> transit, and I find it works very well for using OpenLDAP as a central
> account database. I believe it works with AD, but haven't tried that
> myself.
>
> Cheers,
>
> Matthew
>
>
We used nss-pam-ldapd quite successfully in the freebsd.org cluster during
our transition away from YP/NIS, for what it's worth.
--
Peter Wemm - peter at wemm.org; peter at FreeBSD.org; peter at yahoo-inc.com; KI6FJV
UTF-8: for when a ' or ... just won\342\200\231t do\342\200\246
More information about the freebsd-current
mailing list