On Wed, Feb 06, 2008 at 02:42:02PM +0200, Lars Nood?n wrote: > Brett Lymn wrote: > > >Oddly this non-standard AD seems to interoperate with the Solaris ldap > >client, an openldap client and with MIT kerberos just fine. > > Seems to, or actually does? Or can be be pounded in after agreeing to > non-Open licenses? >
Alright. I am Australian and we are renowned for understating things. Just to make it crystal clear for you Lars, I have used squid integrated with Active Directory authentication using purely open source tools (samba winbindd, MIT kerberos 5, openldap) for _years_. It works - no ifs no buts, it just goes. I can bind our Solaris machines to the AD domain using samba, the AD management shows those machines as valid clients in the AD forest. > Point me to some more recent articles or documentation (without NDA > requirements) which counter the following: > Lars, you are an idiot. You are throwing up 8 year old articles describing problems with operating systems that are now obsolete. As others have pointed out, what you are pointing at are non-issues and MS has followed the RFC's. > > What I am saying is that without careful planning, injudicious use of > the patch leads to further entrenchment of an unsound service and the > unsound system in which it is embedded rather than as a transition to a > more stable, secure and maintainable infrastructure. > Ah - you actually failed to answer that bit from my initial message. I am wondering what this mythical infrastructure you write of is. -- Brett Lymn "Warning: The information contained in this email and any attached files is confidential to BAE Systems Australia. If you are not the intended recipient, any use, disclosure or copying of this email or any attachments is expressly prohibited. If you have received this email in error, please notify us immediately. VIRUS: Every care has been taken to ensure this email and its attachments are virus free, however, any loss or damage incurred in using this email is not the sender's responsibility. It is your responsibility to ensure virus checks are completed before installing any data sent in this email to your computer."
