On 06/ 9/16 05:49 PM, Matthew Seaman wrote: > On 09/06/2016 18:34, Craig Rodrigues wrote: >> There is still value to ypldap as it is now, and getting feedback from >> users (especially Active Directory) would be very useful. >> If someone could document a configuration which uses IPSEC or OpenSSH >> forwarding, that would be nice. >> >> In future, maybe someone in OpenBSD or FreeBSD will implement things like >> LDAP over SSL. > What advantages does ypldap offer over nss-pam-ldapd (in ports) ? > nss-pam-ldapd can use both ldap+STARTTLS or ldaps to encrypt data in > transit, and I find it works very well for using OpenLDAP as a central > account database. I believe it works with AD, but haven't tried that > myself.
nss-pam-ldapd works very well with Active Directory. At work, dozens of people use it on their workstations and hundreds of people use it on the build servers. We've been doing this for years with no issues. Well, we've caused some issues for ourselves, of course... ;) Eric _______________________________________________ firstname.lastname@example.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"