On 6/9/16 6:49 PM, Matthew Seaman wrote: > On 09/06/2016 18:34, Craig Rodrigues wrote: >> There is still value to ypldap as it is now, and getting feedback from >> users (especially Active Directory) would be very useful. >> If someone could document a configuration which uses IPSEC or OpenSSH >> forwarding, that would be nice. >> >> In future, maybe someone in OpenBSD or FreeBSD will implement things like >> LDAP over SSL. > > What advantages does ypldap offer over nss-pam-ldapd (in ports) ? > nss-pam-ldapd can use both ldap+STARTTLS or ldaps to encrypt data in > transit, and I find it works very well for using OpenLDAP as a central > account database. I believe it works with AD, but haven't tried that > myself. > > Cheers, > > Matthew > > We used nss-pam-ldapd quite successfully in the freebsd.org cluster during our transition away from YP/NIS, for what it's worth. -- Peter Wemm - peter_at_wemm.org; peter_at_FreeBSD.org; peter_at_yahoo-inc.com; KI6FJV UTF-8: for when a ' or ... just won\342\200\231t do\342\200\246Received on Fri Jun 10 2016 - 12:29:09 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:05 UTC