[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Does everybody end up writing their own directory management programs?
- To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
- Subject: Does everybody end up writing their own directory management programs?
- From: John Lewis <oflameo2@gmail.com>
- Date: Sun, 18 Sep 2016 15:25:55 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=to:from:subject:message-id:date:user-agent:mime-version :content-transfer-encoding; bh=FZ2RTA2NBoML8NuTln7Et1RbNRIlLaiA2Ybw7WqQmMY=; b=jFwLqyK9+aeOxge19vYodSO3mhgdENLQ2grAdO63K1U2lGHhJta+wBDGvB6pSlPx1q zlZrBYPXWC1kfdqdND9WNI7xOMwOver+q7fk6lp5sdBSf+9OWej3F3/8ob4PqSAahEt+ vmXWt3U6lolq6t8wqdrJgRjyQ0ivaUoQYfIdQq6dkbbIrgG1TZIc/RpDQlih0RQ1ySe1 HMH1Ktz77fXZ4UOyckQIrmkx0iBDNb8SdHvsJp88bbp50KqwTKtvipAahYHb6FpUJTAm De+E8S8ub7s3mXynQplK9q1zeCz3Uq9j9aDapu9yn5zMdQRgvqURdBj43O9ivX9sd5qC ZsfA==
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.2.0
Right now I am trying to weigh my options for maintaining my POSIX
accounts on an OpenLDAP tree.
I learned today that ldap templates in ldapscripts really don't work, so
if I want to go on using ldapscripts, I would have to run ldapmodify
after every account is created to get the gecos configured properly and
have a kerberos principal configured.
I could:
a. run ldapmodify after every account is created to get the gecos
configured properly and have a kerberos principle configured
b. reverse engineer ldapscripts and patch it and then maintain a branch
c. manage users with ldapmodify and have to deal with not having default
options for either the account creation or the ldapmodify switch statements
d. write and maintain another tool that creates and executes the ldif
but has options that would be the same for my directory filled in
Every single one of these options seem to be pretty time consuming or
error prone. I don't know which way I should go with this one.