Hi,

I stumbled onto this before. What is not clearly stated in the doc is that
if you use auth_mech: pts , every user need to exist in the pts database
(ldap in your case). Well, maybe it is clearly stated, but I overlooked it
;-)

That said, you do not need AFS to use pts, though it seems to be very AFS
oriented.

Kind regards,

Clement Hermann
P.S. : Sorry about the top posting : blame the stupid android gmail
client...

On 8 20, 2009 8:10 PM, "Wil Cooley" <wcoo...@nakedape.cc> wrote:

On Wed, 2009-08-19 at 15:33 +0300, Evgeniy Arbatov wrote: > Dear list, > > I
want to ask your advic...
Do I understand correctly from this discussion and the sparse mention of
this in the documentation that the LDAP ptloader module can be used to
manage group ACLs with "auth_mech=pts/pts_module=ldap", instead of
"auth_mech=unix/unix_group_enable=1"?

Does this solve the slowness caused by UNIX groups in LDAP?

Does "auth_mech" affect anything else?

I have heretofore ignored mention of the pts/ptloader stuff because I
was under the impression that it was entirely AFS-related, which I have
no infrastructure for, but if this is the way to enable groups in LDAP
without the slowness, then I need to look more closely at this.

Wil
--
Wil Cooley <wcoo...@nakedape.cc>

----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Reply via email to