On Oct 1, 2010, at 2:57 PM, Ray Van Dolson wrote:
On Fri, Oct 01, 2010 at 02:47:09PM -0700, aurfalien@gmail.com wrote:
On Oct 1, 2010, at 2:16 PM, Steve Thompson wrote:
On Fri, 1 Oct 2010, Craig White wrote:
As for OpenLDAP being a royal PITA, I suppose that's a matter of perspective because I've been using it for at least 7 years now and it works for me without any problems whatsoever.
Agreed. I have found that LDAP, in the guise of OpenLDAP, is not very difficult at all once you have done your first setup, providing, as Craig says, you take the time to understand why you're doing what you're doing and you properly plan ahead. OpenLDAP also has excellent performance and is as solid as a rock.
Steve
Whats bizarre is the NIS/LDAP gateway that padl.com sells starting at $1500.
I said screw it and just migrated over to OpenLDAP.
Didn't think it was a PITA but then again, all IT is a PITA so non of it is if you catch my drift.
I mean if its all a PITA, then its not a PITA cuz PITA is PITA if there is no PITA to compare to.
Note that Samba 3.3.x integrates pretty well with AD via winbind. If you can get good external uid mapping going you can even preserve UID's from your NIS environments.
Not for every one, but I scrapped using Samba as it quadruples your LDIFs and use pGina for Windows client auth to LDAP. Now I realize that LDAP is really fast but I just hated how my LDIFs looked after Samba got a hold of em. Samba is an awesome project so I'm not dissin them at all.
Again, I realize not a fit for every env, but I was lucky in not having any large AD/Windows population to deal with, perhaps only a few hundred is all.
-aurf