-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Christopher Chan wrote: > Eric Shubert wrote: >> Tying these various authentication mechanisms together is a worthy >> objective, regardless of the implementation software (mysql vs pgsql >> vs ldap). The difficulty in any case is to merge the various schemas >> together. I believe that ldap has the best chance of accomplishing >> this, because of the 'standard' schemas that are available for it, and >> due to its nature as a directory vs a database. LDAP is simply a >> better fit for this type of application than a database (see >> http://www.openldap.org/doc/admin24/intro.html#LDAP%20vs%20RDBMS). > > I think the passwd based schema in place looks pretty good.
Agreed. The passwd-based schema is pretty nice, and it's easily mapped to from other schemas. Regarding LDAP, I've been retooling the LDAP module for the 5.5 stable release. As I've probably said a few times in the past, I've been registering OIDs for the vpopmail schema. >> I also think that FreeIPA has the potential to become the defacto >> standard in this area. Making vpopmail able to co-operate/interface >> with FreeIPA could very well extend the lifetime of applications that >> rely on the vpopmail authentication mechanism. It might be feasible to >> develop a vpopmail plugin for FreeIPA at some point (possibly even >> now). I know that FreeIPA has a modular architecture such as this, but >> haven't yet looked at it in any detail. > > I have not had a good look at FreeIPA yet so no comment. Quick glances indicate that FreeIPA is a sort of authentication backend with rules. I don't see why this couldn't be supported, but like Christopher said, I'm not very familiar with FreeIPA, so I'm not sure about it's position to be the standard. Please excuse my obvious intrusion into the middle of this thread with replies to multiple people :) - -- /* Matt Brookings <m...@inter7.com> GnuPG Key FAE0672C Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkqdOmIACgkQIwet2/rgZyxDVgCePQ7tJ6i5FzYpewV5f481jGN8 uWUAoJKykZrxxfmlKV4v33aPWbL2Wx46 =tszg -----END PGP SIGNATURE-----