[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: migrating from (old) /etc/shadow to LDAP

To: openldap-technical@openldap.org
Subject: Re: migrating from (old) /etc/shadow to LDAP
From: Simone Piccardi <piccardi@truelite.it>
Date: Fri, 23 Sep 2011 14:00:44 +0200
In-reply-to: <4E7C6B86.5070702@symas.com>
References: <1316552249.7492.8.camel@inca.fmed.uba.ar> <20110920231818.GA9425@iniquitous.lan> <1316602294.20463.8.camel@inca.fmed.uba.ar> <20110921141645.GA11869@iniquitous.lan> <1316688650.26247.9.camel@inca.fmed.uba.ar> <20110922141059.GA14997@iniquitous.lan> <4E7C5D25.1040008@truelite.it> <4E7C6B86.5070702@symas.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.21) Gecko/20110831 Iceowl/1.0b2 Icedove/3.1.13

On 23/09/2011 13:20, Howard Chu wrote:


Not a major shortcoming. If you're actually using LDAP then you should
set expiration using ppolicy and not using shadow attributes at all.

Did this solve problems with current nslcd, libnss-ldapd, libpam-ldapdpackages on Debian Stable and Ubuntu LTS? I was not aware of this.

Anyway I have more than 80 server in schools, with hundred of studentsregistered in each one. When they where created 6 years ago ppolicy wasnot an option.

I prefer to install a patched slapd-smbk5passwd package on each serverand have a consistent managament of the actual information thanreworking the data in each database and make changes in about 2500client configurations.

Ppolicy could be the future, but I have to deal with the present and thepast.


Simone
--
Simone Piccardi                                 Truelite Srl
piccardi@truelite.it (email/jabber)             Via Monferrato, 6
Tel. +39-347-1032433                            50142 Firenze
http://www.truelite.it  Tel. +39-055-7879597    Fax. +39-055-7333336

References:
- migrating from (old) /etc/shadow to LDAP
  - From: Gerardo Herzig <gherzig@fmed.uba.ar>
- Re: migrating from (old) /etc/shadow to LDAP
  - From: Christopher Wood <christopher_wood@pobox.com>
- Re: migrating from (old) /etc/shadow to LDAP
  - From: Gerardo Herzig <gherzig@fmed.uba.ar>
- Re: migrating from (old) /etc/shadow to LDAP
  - From: Christopher Wood <christopher_wood@pobox.com>
- Re: migrating from (old) /etc/shadow to LDAP
  - From: Gerardo Herzig <gherzig@fmed.uba.ar>
- Re: migrating from (old) /etc/shadow to LDAP
  - From: Christopher Wood <christopher_wood@pobox.com>
- Re: migrating from (old) /etc/shadow to LDAP
  - From: Simone Piccardi <piccardi@truelite.it>
- Re: migrating from (old) /etc/shadow to LDAP
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: migrating from (old) /etc/shadow to LDAP
Next by Date: Re: migrating from (old) /etc/shadow to LDAP
Index(es):
- Chronological
- Thread