On Fri, Jun 18, 2010 at 02:02:34PM +1000, David O'Brien wrote: > This time I'm wrestling with "native LDAP" vs any other sort of LDAP, > and where does MS Active Directory fit in? > > afaik "native LDAP" just means LDAP provides the identities and does the > authentication. If I'm using OpenLDAP or 389 that's easy enough. Switch > to IPA and Kerberos does the auth (= not native LDAP, right?). What if > I'm using MS Active Directory? Does that or can that do both? Does it > provide identities and rely on Kerberos for auth? Should I not be using > "native LDAP" at all to avoid confusion? > > "native" also comes up in the bug report* in relation to Kerberos: > "Should provide an example of using the proxy identity provider in > concert with the native Kerberos authentication." What's "native Kerberos"? >
in gneneral when we are talking about 'native LDAP' or 'native Kerberos' we mean the LDAP or Kerberos provider of sssd in contrast to using pam_ldap/nss_ldap or pam_krb5 with the proxy_provider. HTH bye, Sumit > That's probably enough for now. Remind me why I gave up coffee...? > > *https://bugzilla.redhat.com/show_bug.cgi?id=601870 > -- > David > > > "We couldn't care less about comfort. We make you feel good." > Federico Minoli CEO Ducati Motor S.p.A. > _______________________________________________ > sssd-devel mailing list > sssd-devel@lists.fedorahosted.org > https://fedorahosted.org/mailman/listinfo/sssd-devel _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
