1 |
On Friday 11 of June 2010 09:24:45 Peter Volkov wrote: |
2 |
> В Чтв, 10/06/2010 в 23:42 -0700, Alec Warner пишет: |
3 |
> > > I don't agree with that, but just out of curiosity, is it possible to |
4 |
> > > use a web interface? phpldapadmin or something |
5 |
> > |
6 |
> > The problem with phpldapadmin is that it potentially opens up LDAP to |
7 |
> > the world. |
8 |
> |
9 |
> Require everybody to forward connection through ssh to get ldap web |
10 |
> interface? It's not hard to setup such tunnel manually or e.g. use |
11 |
> xinetd for automatic tunnel creation on request... Another option is to |
12 |
> use https with ssl client side certificates). I think it's not hard for |
13 |
> developers to generate certificates on dev.gentoo.org and import them |
14 |
> into browsers. |
15 |
|
16 |
I suppose simply making LDAP globally available (SSL only) is asking for |
17 |
trouble. In such case anyway one could choose his/her favourite LDAP client. |
18 |
|
19 |
Anyway I think simple shell scripts for most common activities (devaway, |
20 |
change etc) would do. |
21 |
|
22 |
I'm all for moving to LDAP every info that fits and it's possible. Maybe even |
23 |
things like Gentoo overlays access. |
24 |
|
25 |
-- |
26 |
regards |
27 |
MM |