-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi!
Craig White schrieb: > On Wed, 2005-12-14 at 18:29 +0100, Andreas Haumer wrote: > [...] >> >>An (incomplete) list of those "best practice" topics might include: >> >>* overall layout of LDAP tree >> Deep or shallow? What ou should be there? > > ---- > not really a samba issue > ---- > >>* how to store passwords >> cleartext? crypt? SSHA? MD5? What are the pros and cons? > > ---- > not really a samba issue > ---- > Agreed, but still these decisions have to be made if a LDAP database is to be set up and used as system account database, with or without Samba. And for me (and I'm sure for many others, too) Samba (read: the release of Samba3 with much improved LDAP support) was the main reason to deep into the universe of LDAP directories and account databases. >>* where to store machine trust accounts? >> Should you sub-structure your accounts ou or not? >>* use DSA for NSS, PAM, Samba, Radius, replication, etc.? >> pros? cons? Impact on ACL? >>* Where to store the sambaDomainName entry? >> (directly at the tree root or use your own ou?) >>* best way on how to configure your ACL >>* Which tools should one use to change user passwords? >> smbldap tools? Web GUI? PAM with pam_ldap? > > ---- > Methinks that the future samba wiki might be a good place for this > ---- > I agree. This even might be sort of a "standardisation driving force" for LDAP system account database structure. Currently there doesn't seem to exist such standard (apart from very basic things) - - andreas - -- Andreas Haumer | mailto:[EMAIL PROTECTED] *x Software + Systeme | http://www.xss.co.at/ Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0 A-1100 Vienna, Austria | Fax: +43-1-6060114-71 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDoIYVxJmyeGcXPhERAlu+AJwJW2fdJVN5lJ+5anky2Uq0vHetmQCfVGXL hA6SGWWrwqVli8yhe98U+aI= =Tsge -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
