[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ldap
Subject:    [ldap] Antwort: RE: Antwort: with what should I replace nis?  [Virus
From:       denis.havlik () t-mobile ! at
Date:       2004-04-16 8:01:04
Message-ID: LYRIS-886202-695881-2004.04.16-04.02.06--ldap#progressive-comp.com () listserver ! itd ! umich ! edu
[Download RAW message or body]

This is a multipart message in MIME format.
--=_alternative 002C0B44C1256E78_=
Content-Type: text/plain; charset="us-ascii"

> Authentication with pam/ldap over ssl/tls is much slower than with ndis. 
Even without ssl/tls it's slower.

My sugestion was to do authentication with kerberos, and authorisation 
with LDAP. You can even do Kerberos authentication with NIS authorisation, 
if that's more to your liking. LDAP is nice because it can be used for 
authentication of other things, not just UNIX accounts, but this may be 
irrelevant to you.
 
Isn't there some way to do what we need without pam?
 
Oh, I'm quite sure there is - write your own login stuff. Obviously this 
means "nonstandard" and "lots of work" => I wouldn't recomend it even on 
open systems where you have the complete code. On Irix it means even more 
work...



---
You are currently subscribed to ldap@umich.edu as: [ldap@progressive-comp.com]
To unsubscribe send email to ldap-request@umich.edu with the word UNSUBSCRIBE as the \
SUBJECT of the message.

--=_alternative 002C0B44C1256E78_=
Content-Type: text/html; charset="us-ascii"


<br>
<br>
<br>
<br><font size=3 face="Times New Roman">&gt;</font><font size=2 color=blue \
face="Arial">Authentication with pam/ldap over ssl/tls is much slower than with ndis. \
Even without ssl/tls it's slower.</font> <br>
<br><font size=3 face="Times New Roman">My sugestion was to do authentication with \
kerberos, and authorisation with LDAP. You can even do Kerberos authentication with \
NIS authorisation, if that's more to your liking. LDAP is nice because it can be used \
for authentication of other things, not just UNIX accounts, but this may be \
irrelevant to you.</font> <br><font size=3 face="Times New Roman">&nbsp;</font>
<br><font size=2 color=blue face="Arial">Isn't there some way to do what we need \
without pam?</font> <br><font size=3 face="Times New Roman">&nbsp;</font>
<br><font size=2 face="sans-serif">Oh, I'm quite sure there is - write your own login \
stuff. Obviously this means &quot;nonstandard&quot; and &quot;lots of work&quot; \
=&gt; I wouldn't recomend it even on open systems where you have the complete code. \
On Irix it means even more work...</font> <br>
<br>

---
You are currently subscribed to ldap@umich.edu as: [ldap@progressive-comp.com]
To unsubscribe send email to ldap-request@umich.edu with the word UNSUBSCRIBE as the \
                SUBJECT of the message.
--=_alternative 002C0B44C1256E78_=--


[prev in list] [next in list] [prev in thread] [next in thread]