directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marc Boorshtein" <>
Subject Re: SQL-to-LDAP backend? (was Re: [OT?] user list)
Date Thu, 15 Jun 2006 18:50:37 GMT
> Yeah, I assume that would do. By now it looks like pam_ldap will have to
> do the job of connecting the Unix-based servers to the LDAP directory to
> fetch user accounts, Maybe it will be extended later to also provide
> group information but right now that's not that much important.

Thats a whole lot more fun :-)  So at least initally i would think the
penrose product can do everything you need pretty easily.  When you
get into pam_ldap you'll have to decide where you want to store the
unix specific attributes.

> Yes, I'm currently playing around with certain encryption mechanisms the
> DMS provides for the password stored there. Basically, it's really just
> about making a single table (two if talking about groups, too) in a
> relational database accessible via LDAP...

Ok, so from the sound of it you are storing the password in the
database, but it isn't there yet  One thing i've done before is just
use SSHA to do a 1 way hash of the password when it's stored in the
db.  How are you planning on getting the passwords into the db?


View raw message