| 1 |
On Friday 11 of June 2010 09:24:45 Peter Volkov wrote: |
| 2 |
> В Чтв, 10/06/2010 в 23:42 -0700, Alec Warner пишет: |
| 3 |
> > > I don't agree with that, but just out of curiosity, is it possible to |
| 4 |
> > > use a web interface? phpldapadmin or something |
| 5 |
> > |
| 6 |
> > The problem with phpldapadmin is that it potentially opens up LDAP to |
| 7 |
> > the world. |
| 8 |
> |
| 9 |
> Require everybody to forward connection through ssh to get ldap web |
| 10 |
> interface? It's not hard to setup such tunnel manually or e.g. use |
| 11 |
> xinetd for automatic tunnel creation on request... Another option is to |
| 12 |
> use https with ssl client side certificates). I think it's not hard for |
| 13 |
> developers to generate certificates on dev.gentoo.org and import them |
| 14 |
> into browsers. |
| 15 |
|
| 16 |
I suppose simply making LDAP globally available (SSL only) is asking for |
| 17 |
trouble. In such case anyway one could choose his/her favourite LDAP client. |
| 18 |
|
| 19 |
Anyway I think simple shell scripts for most common activities (devaway, |
| 20 |
change etc) would do. |
| 21 |
|
| 22 |
I'm all for moving to LDAP every info that fits and it's possible. Maybe even |
| 23 |
things like Gentoo overlays access. |
| 24 |
|
| 25 |
-- |
| 26 |
regards |
| 27 |
MM |
Archives