Re: FLOSS support [was: Authenticate to ldap using Kerberos]

[Buchan Milne <bgmilne@staff.telkomsa.net>]

On Friday, 10 September 2010 08:07:52 Dieter Kluenter wrote:
> Howard Chu <hyc@symas.com> writes:
> > masarati@aero.polimi.it wrote:
> [...]
> 
> >> Quanah, I know that in the past you, Howard and others have contributed
> >> pieces of software to other LDAP-enabled software to enable SASL auth.
> >> 
> >> I had myself some bad experience in contributing things to software
> >> maintainers that did not even understand the need or the importance of
> >> what I was trying to contribute, but that's another story.
> >> 
> >> Maybe we could try, as the OpenLDAP project rather than as individuals,
> >> to promote and support better LDAP (not just OpenLDAP) integration in
> >> other generally useful FLOSS that can interact with OpenLDAP.
> > 
> > I'm ok with spending time on this, but I don't use evolution and have
> > no direct need to get it working.

I note that KMail/Kaddressbook have SASL support in their LDAP backend. The 
Evolution people seem more focused on making Evolution "work with Exchange" 
than supporting standards ...

> > How do we decide which "generally
> > useful FLOSS" should get our attention?

Well, the question is, what aspects should we consider. For people who need 
simple binds in some cases (e.g. access to systems from outside the "secure" 
network), ppolicy support is quite an issue, in:

-freeradius
-apache
-jabber2
-probably most IMAP servers

Of course, some issues between Heimdal/smbk5pwd/ppolicy also need to be 
resolved (hopefully once the new ppolicy draft is finalised and Heimdal and MIT 
support it).

> I have a large list :-) just a few examples:
> 
> - postfix, enable compare
> - (X)Emacs, ldapv3
> - php-ldap, controls, strong binds
> - Net::LDAPapi, documentation

Regards,
Buchan