> And as a related second question what are the pros/cons of using the
> ldap-control patch as compared to a rsync solution?
i'm not yet using the control patch (well, i've compiled it in with
BAILOUT, but i havn't got any config options in LDAP yet)
but i'd like to switch to it for a simple reason:
in order to add additional domains, you need to modify files on the
filesystem. therefore you need either
- admins capable of using unix editors and secure shell
- easy and secure webinterfaces
Well, i don't like webinterfaces which write in files on the disc, they
might break due to bad locking etc.
The LDAP Control patch removes this need, the changes can be done in the
ldap directory and it's easier to write secure and reliable web interfaces
for the ldap directory ;)
Same for User Management btw. ;) i add new users to the ldap directory
only; their home- and mail directorys are created upon the first mail
they recieve, this is done by a setgid perl script (setgid in order to
create the home dir, this group has write permissions on /home) which
checks virtually everything against strong regexps and compares it with
the ldap database.
But due to the licencing issues of qmail, i'm thinking about moving to
courier, exim or postfix. courier has some very neat features, but the
ldap support isn't as complete yet, i think.
Greetings,
Erich
