On Mon, 1 Nov 2004, Dain Sundstrom wrote:
> I think we should have a gpasswd tool that can set a password, add
> accounts, remove them etc, and it would work it all the realms we
> provide. Basically PAM for G.
Currently, the file realm is read/write, but the SQL and Kerberos
realms are read-only. Frankly, I'm not even sure if there's a standard
way to add users to Kerberos or if that's an "implementation detail" (but
I know little about Kerberos).
If we were going to support read/write access to our SQL realm, it
would increase the configuration burden significantly; instead of 2
queries (load user, load groups) you'd need at least 8
(insert/update/delete for users and groups). Do you think it's worth it?
I'm skeptical.
Aaron
