1 |
В Чтв, 10/06/2010 в 23:42 -0700, Alec Warner пишет: |
2 |
> > I don't agree with that, but just out of curiosity, is it possible to use a |
3 |
> > web interface? phpldapadmin or something |
4 |
> |
5 |
> The problem with phpldapadmin is that it potentially opens up LDAP to |
6 |
> the world. |
7 |
|
8 |
Require everybody to forward connection through ssh to get ldap web |
9 |
interface? It's not hard to setup such tunnel manually or e.g. use |
10 |
xinetd for automatic tunnel creation on request... Another option is to |
11 |
use https with ssl client side certificates). I think it's not hard for |
12 |
developers to generate certificates on dev.gentoo.org and import them |
13 |
into browsers. |
14 |
|
15 |
> >> Bonus plans: |
16 |
> >> - Maybe move mail aliases to LDAP? We'd lose comments :-(. |
17 |
> |
18 |
> Not if you added a comments field ;) |
19 |
|
20 |
+1. Comments are useful (e.g. for non @gentoo.org mail addresses) and |
21 |
btw, it's good idea if willikins will show them too. |
22 |
|
23 |
-- |
24 |
Peter. |