[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap proxy/cache/replication, ala AD



>> Taking my example of a laptop user:
>> UserA logins, does some work, logs out, and goes home taking the laptop.
>> UserA wants to do some work at home, but, oh no, he can't login as the LDAP 
>> server isn't available.
>> 
>> In a windows domain infrastructure UserA's credentials would have been cached, 
>
>I'm quite sure AD uses an other mechanism outside of LDAP to do this.
>Otherwise it would be a horrible security-breach: You are suggesting,
>that every User has its own LDAP-Server on his own Laptop, so 
>extracting confidential Data would be real easy.

Although they are not yet ready for production, you might find the
following interesting:

	http://www.padl.com/OSS/pam_ccreds.html
	http://www.padl.com/OSS/nss_updatedb.html

-- Luke

--