[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Extension to back-passwd: back-posix

To: Dave Horsfall <daveh@ci.com.au>
Subject: Re: Extension to back-passwd: back-posix
From: Howard Chu <hyc@symas.com>
Date: Sat, 11 Jun 2005 01:41:23 -0700
Cc: OpenLDAP Development <openldap-devel@OpenLDAP.org>
In-reply-to: <20050526125050.G46644@mippet.ci.com.au>
References: <20050526125050.G46644@mippet.ci.com.au>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b2) Gecko/20050606

Dave Horsfall wrote:

	userPassword:	Set from pw_passwd [3]
[3] Probably useless in a shadowed environment.

If you don't implement ACL calls, then you should probably just omit this attribute. If you do implement ACLs, then it may be OK to expose it. The Symas module implements shadow support, as well as AIX tcb, and Secureware (SCO, HPUX) mechanisms.

Again, you have to answer one key question first - are you trying to build a backend that supports authentication services, or are you just trying to expose whitepages information? The latter isn't extraordinarily useful, and the former can be extraordinarily dangerous if you get something wrong. -- -- Howard Chu Chief Architect, Symas Corp. Director, Highland Sun http://www.symas.com http://highlandsun.com/hyc Symas: Premier OpenSource Development and Support

Prev by Date: Re: Extension to back-passwd: back-posix
Next by Date: Call to Novell for support in developing and maintaining JLDAP
Index(es):
- Chronological
- Thread