On Mon, 2006-03-06 at 00:43 +0200, Alexander Gattin wrote: > I first heard about TLS_CACERTDIR from you. What is it > usually used for? Having different CA trusted by user > gathered in one place?
yes, you can have a number of different CA certs depending on what you are connecting to. Dropping them into a directory means the ldap tools will be able to use them (after the symbolic links have been set up). > It looks like bug is in libnss-ldap, or libpam-ldap, > not in su, but this has to be proven first. > ok > OK, so you don't use samba schemas, neither do smbldap-* > tools... samba integration is on my todo list. > > BTW, what tools do you use for user/group account > maintenance? ldapscripts? i use some perl scripts that are based on some code I found on the web and then heavily modified. Its not great but it works. Really only useful for adding and deleting, modifications are best done via a browser/editor like GQ or JXplorer (GQ is best but development is stalled, JXplorer is Java and works cross-platform) or one of the web browser based utils. GREG > > P.S. thanks for your help, Greg. -- Greg Matthews 01491 692445 Head of UNIX/Linux, iTSS Wallingford -- This message (and any attachments) is for the recipient only. NERC is subject to the Freedom of Information Act 2000 and the contents of this email and any reply you make may be disclosed by NERC unless it is exempt from release under the Act. Any material supplied to NERC may be stored in an electronic records management system. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]