[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] Password Policy OIDs

To: ldapext@ietf.org
Subject: Re: [ldapext] Password Policy OIDs
From: Neil Dunbar <neil.dunbar@hp.com>
Date: Mon, 15 Nov 2004 07:08:32 -0800
In-reply-to: <OF13B0D4B3.DA979D0F-ON86256F4D.00487A5E-86256F4D.004EA8E0@us.ibm.com>
Organization: Hewlett-Packard
References: <OF13B0D4B3.DA979D0F-ON86256F4D.00487A5E-86256F4D.004EA8E0@us.ibm.com>

On Mon, 2004-11-15 at 08:19 -0600, John McMeeking wrote:

> As to manageability of features from LDAP...  I guess that depends on where
> you want to draw the line.  I agree that it is nice if you don't have to
> use one set of tools to manage part of the policy and another to manage the
> rest.  On the other hand, other tools/storage mechanism may be much better
> suited to managing these than LDAP.  I don't think is necessary to store
> the dictionary in LDAP to be able to effectively manage a password policy
> that uses a dictionary.  One may want to share an existing dictionary used
> by other applications

Definitely - but there's no reason that an LDAP backend can't simply
present a read-only, searchable front-end to the standard dictionary
file. It doesn't follow that the LDAP interface must have a true
database behind it.

Cheers,

Neil


_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

References:
- Re: [ldapext] Password Policy OIDs
  - From: John McMeeking <jmcmeek@us.ibm.com>

Prev by Date: Re: [ldapext] Kerberos Integrity behavior
Next by Date: Re: [ldapext] Password Policy OIDs
Index(es):
- Chronological
- Thread