В Чтв, 10/06/2010 в 23:42 -0700, Alec Warner пишет: > > I don't agree with that, but just out of curiosity, is it possible to use a > > web interface? phpldapadmin or something > > The problem with phpldapadmin is that it potentially opens up LDAP to > the world.
Require everybody to forward connection through ssh to get ldap web interface? It's not hard to setup such tunnel manually or e.g. use xinetd for automatic tunnel creation on request... Another option is to use https with ssl client side certificates). I think it's not hard for developers to generate certificates on dev.gentoo.org and import them into browsers. > >> Bonus plans: > >> - Maybe move mail aliases to LDAP? We'd lose comments :-(. > > Not if you added a comments field ;) +1. Comments are useful (e.g. for non @gentoo.org mail addresses) and btw, it's good idea if willikins will show them too. -- Peter.