Mark Chatterton wrote: > ldap... might also be a little bit of overkill. As there will only > be 1 maybe 2 users that need to login to unix, around 5 users for > samba & 10 for email. With an overlap of users of around 5 with a > low turn over. They aren't growing at a large rate either. So it > might add a little bit of extra complexity. I haven't had much > experience with LDAP either... is their much to it?
The main benefit of a single authentication backend is the ability to use identical usernames and keep passwords in sync. That means they only need to memorize 1 username and 1 password, which then again can be forced to be a bit more complex. Of course, that makes it all the more important that the authentication is always happening encrypted or else you have a whole lot more than an email account open to the world ;) If you are a consultant I'd say this is a perfect upportunity to learn LDAP and deploy it very controlled. In my shop I have a Win2003 box with Active Directory (Microsofts LDAP with some extra 'features'). Against this I quite easilly integrate every new app, be it email or GoupWare, and users are happy. LDAP is gold when it comes to administrating users and almost every app you can think of supports it.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
