[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap users auth to ldap ;)



	Outcome of todays meeting with the Radius Devel folks:

	1) Michnet/Merit AAA radius has LDAP capabilities, and will
be available in 4.x

	2) They are having issues with thread libraries, and paranoia
about that because of the number of bugs that thread libs have, etc..
and how to deal with them properly in an environment where they need
to be multivendor, etc.

	3) Radius 4.x will have support for the following (w/ realms):

                  c=US
                 /    \
             o=Org1  o=Org2
            /              \
         cn=jared        cn=jared


	where Org1's realm is @org1.org and Org2's realm will be @org2.org
(or whatever) and you can do per-user profiles in ldap, and such so all
will be well for us all.

	Questions?  I think i'm (mostly) clear, feel free to bug me
about anything related to this.

	- jared

> > Michael Thomas Cope wrote:
> >
> > > What I am more interested in is an authetication backend
> > for LDAP, perhaps
> > > PAM that would allow pluggable authentication schemes.  I
> > hacked up our
> > > source to RADIUS as a backend but it's not a good solution
> > long-term.
> >
> > Wouldn't it be more appropriate to support SASL extentions/plugins?