I would be VERY VERY interested in LDAP/Kerberos single sign-on course!!! Something to learn and understand in depth for the future when W2K w/ ADS becomes out of date, I'll have something Linux based to replace it with! :)
Thanks, David M. --- Tanner Lovelace <[EMAIL PROTECTED]> wrote: > On Thu, 04 Nov 2004 16:07:09 -0500, Mark Kempster <[EMAIL PROTECTED]> wrote: > [...] > > That being said, I'm ready to graduate to something a bit more > > industrial-strength. After some light reading, it seems that ldap > > can be the foundation for some services (I'm interested mostly in > > webdav, svn, ssh, imap, smtp). From the admin side, I'm looking for > > a single method of authentication where users can manage their > > own accounts (read: change their own passwords). > > > > I _think_ Trilug's infrastructure went through something similar > > (though presumably a bit more involved) with the single sign-on > > infrastructure that was implemented. > > > > http://www.trilug.org/pipermail/trilug/Week-of-Mon-20020729/009433.html > > explains some of the reasoning. > > > > Are there any Trilug resources (notes, presentations, config files) > > around to shed light on the overall picture and the moving parts of > > this infrastructure? > > Mark, > > As far as the single sign on is concerned, we pretty much implemented > things exactly as described in the document "Replacing NIS with Kerberos > and LDAP" found at: > > http://www.ofb.net/~jheiss/krbldap/ > > (as, in fact, that e-mail notes) That's actually the main reason it's never > been written up (since it was already done). > > For the IMAP server I elected to go with a customized version of > the Washington University IMAP server since documentation on it > was more readily available and it was easier to setup than Cyrus. > Over the last two years, however, the situation with Cyrus has gotten > much better and if I were to setup the server today I would definitely > use Cyrus instead of WU-Imap (in fact, over the past few weeks > I did just that on a personal server and I can attest that Cyrus IMAP > really rocks over WU-IMAP, even though I think the TriLUG Imap server > is very good). Setting up cyrus imap on debian or mandrake these > days basically entails installing the provided packages and setting > up the configuration files. It's really quite simple. > > > If not, is this the sort of topic good for a mini-course? > > We have had presentations and mini-courses on just LDAP > before, but never on a combined LDAP/Kerberos combination. > I would be happy to put together a presentation on it, but it > would probably be fairly similar to the above web page... :-/ > > I could also put together a presentation on IMAP servers > and highlight the pros and cons of various different imap servers > (currently I'd say the big ones are wu-imapd, cyrus, and dovecot). > > Would anyone be interested in either of those? It probably wouldn't > be until next year, since I think we're booked for presentations > through January. If people would prefer a course on either of > those we could probably do it sooner... > > Cheers, > Tanner > -- > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug > TriLUG Organizational FAQ : http://trilug.org/faq/ > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ > TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc > __________________________________ Do you Yahoo!? Check out the new Yahoo! Front Page. www.yahoo.com -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
