Now that the dead horse is now also cold, I'd like to get a few licks in by mentioning that's it's also easier to host mail for a lot of domains with qmail-ldap. Also, it's nice to be able to have the same username at seperate domains be entirely different accounts that authenticate w/ the full email address. Not to mention [EMAIL PROTECTED] Or... If you'r especially lazy, the convienience and simplicity of phpQLAdmin. This tool is so simple you can offload most of your grunt work on any willing flunky. Also, with qmail-ldap you are free to use your system uid/gid to enforce disk quotas on a per domain or per orginization basis. Oh, and it's probably faster too. ; )
-ray. On Sunday 08 December 2002 07:44 am, Todd Underwood wrote: > dan, all, > > On Sat, 7 Dec 2002, Dan Melomedman wrote: > > > i guess it depends upon what you mean by flexibility. you're right, > > > the mailalternateaddress functionality of qmail-ldap is nice. on the > > > other hand, the fact that i get configurability of various kinds of > > > authentication and authorization for *all* system services out of PAM > > > is also nice. > > > > Not all system services may be written to support PAM. Also PAM and NSS > > are confused often. PAM means the pamified service is linked to the PAM > > library, and is using the PAM API. NSS is a different story. > > an excellent point and one that has not been clear in the discussion thus > far: probably all most users care about is nss, not necessarily pam. > > on the other hand, many linux distributions PAMify every system service > already anyway, so again it depends on what you start with. i agree that > if you didn't have an OS that had all system services PAMified (linked > with the PAM library) then it would be a royal pain (and probably a > security mistake) to do so. > > > > so you don't have data on the performance of LDAP authentications > > > against PAM. too bad. i was hoping to see some. anyway, we'll throw > > > out the "faster" claim that you made about qmail-ldap until we see > > > those data. > > > > I don't, since I could really care less. I know I'll have less headaches > > if I don't use PAM in the first place. > > that's fine. you were the one who said that qmail-ldap was "Faster". i > tried to verify that claim and couldn't. you can't either and now you say > that you don't care how fast it is. so we can stop talking about what is > "Faster" until someone posts some numbers. > > > > the additional amount of code needed to support PAM on a system that > > > comes bundled with it is 0. the additional amount of code needed to > > > support LDAP in qmail in >0. > > > > Not with qmail. Qmail would need to be patched to support PAM. If you > > mean NSS, then I agree. > > you're right. i really mean nss here. > > t. -- Snow White has become a camera buff. She spends hours and hours shooting pictures of the seven dwarfs and their antics. Then she mails the exposed film to a cut rate photo service. It takes weeks for the developed film to arrive in the mail, but that is all right with Snow White. She clears the table, washes the dishes and sweeps the floor, all the while singing "Someday my prints will come."
