On Mon, 2003-09-08 at 20:13, Martin Edenhofer wrote:
> > BTW: Authenticated Users do have self write-permission on their password
> > field in LDAP
> 
> It's wanted. Because there should be no way (IMO) for other applications 
> to write into your LDAP. It's critical, because some time you will get an
> inconsistent directory if each application is writing into your directory.

Could you explain that a little bit more? In my eyes LDAP is fully
multi-user capable, as it's widely used in Lunixish environments for
user authentication. I personally use it for a PAM-based LDAP
authentication and addressbook management, as well as for SMTP server  
configuration. I am completely relying on LDAP. In other words,
passwords are stored nowhere else and (nearly) parallel write should be
allowed (addressbooks).

If I didn't get the OpenLDAP/pam_ldap documentation completely wrong, a
solution like this could be capable of serving thousands of users. This
wouldn't be possible in a one-user LDAP environment, would it?

Btw, why would user X want or be allowed to change the password for
another user without the other user knowing this?

Regards,

Robert Kehl
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs