[Date Prev][Date Next]
Re: windows authentication & openldap: explanation.
>It looks possible to replace ADS with OpenLDAP + Kerberos + very recent
>BIND + lots of private Microsoft schema definitions for which there is, so
>far as I know, no description which is both public and machine-readable.
>(And the human-readable spec. appears to be incorrect in some areas.)
There a number of key components that are not available yet in the
open source realm, such as SPNEGO, back-links, PAC signing, etc. We
have made some progress on this front, and independently the SAMBA
team are making great progress too. But it's a long way from ready.
>It just takes a loooong time to wrap up all the little pieces and make
>them play together nicely. Someone will do it eventually.
Luke Howard | lukehoward.com
PADL Software | www.padl.com