On Wed, 2009-11-04 at 17:01 -0500, Brian Mathis wrote: > > In my extremely limited experience with LDAP, it seem that the problem > is not "LDAP" itself, but how to structure it. Most howtos walk you > through installing whatever software, and then say "OK, now you have > LDAP!" > > The problem is that LDAP is useless without a structure and data > inside of it. You are usually left with a blank canvas after the > install is complete. It's a very daunting task to start sticking > things in there without any guidance on the best way to structure it, > especially since this is supposed you be the be-all end-all directory > of everything and anything you do wrong now you need to live with for > your entire life. > > One argument is that everyone has different requirements, but there's > got to be some kind of reasonable default that could be used for > setting up something like distributed password auth. As you mention, > Active Directory does this, and maybe a structure like that is a > reasonable default to recommend/include for people who don't need to > fully architect a directory structure for a global company. ---- The structure is simple if you understand LDAP and horrifically confusing if you don't understand LDAP. If you use CentOS-DS or Fedora-DS, they are opinionated enough upon initial setup to give you a predefined structure so I am not sure where the problem lies except that you still don't understand LDAP so it is of little use. >From it's conception, LDAP was not designed to do user authentication. It happens to work and it can work well and each office/network has its own requirements. I myself have done things differently most times I have set it up for a company...no big deal except that I had to learn how it worked. It's amazing the amount of justification that people can come up with for not learning how technology works. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.