Michael L Torrie wrote: > Finally, note that the real world compels us to implement compromise > solutions. For example, LDAP simple binds over SSL may be good enough. > Just know there are better solutions. My departmental servers always > try to use Kerberos first, and failing that (no ticket maybe), fall back > to LDAP binds.
Ok, I'll keep that in mind for the future. Right now, the accounts and services I'm managing all exist within a single machine, so I blocked all external connections to LDAP. I may have to move into Kerberos when the system grows beyond that box. Thanks. Shane /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
