On Thu, 2005-03-24 at 07:40 -0600, Les Mikesell wrote: > On Wed, 2005-03-23 at 22:03, Paul wrote: > > > > > > Concept is turnkey LDAP/Samba - they use the IDEALX scripts - no doubt > > > that SLES 9 is using some implementation of them. > > > > > The problem I think your trying to point out is simple tools can make > > simple things easy, but once somebody needs to do something a little > > more complex that they hit a wall and tool gets in the way because the > > person using the tool does understand how things work underneath. > > If someone needed something complex, they would have already invented > yet-another-schema to deal with their odd situation. What the rest > of us need is an out-of-the-box server with a standard schema that > supplies what the clients that already exist (in that same box...) > expect and a management tool that knows that the matching posix and > samba logins are the same person. > > If you think people will have trouble making a standard tool work > when it comes with working defaults, consider how much harder it > becomes when you have to build your own tool from parts and it > ends up being one of a kind. There is quite a bit of talk on > the k12ltsp list about this as they are trying to settle on a > scripted approach to building a working LDAP configuration. It > just doesn't make sense for every user to have to do that himself. ---- OK let me get this straight... SLES has it's own method for turnkey LDAP Samba is doing their own K12LTSP is doing their own and Paul is asking why Fedora / Red Hat isn't doing their own and we know that Red Hat purchased the Netscape Directory and in the end, we will end up with a lot of different 'standard' implementations of LDAP that work with one specific setup Doesn't exactly simplify things for users Considering all of things that such a system would entail - openssl, cyrus-sasl, kerberos, samba, pam, generating certificates, and on and on, thinking that someone is going to provide a turnkey solution for LDAP is rather myopic...it's only going to entail solutions for the specific needs of a particular set of circumstances and in essence, become a limiting technology when LDAP is purposely designed to be an enabling technology. Of course the price of admission to this technology has always been knowledge...these really are only efforts to circumvent the need to understand how to set it up and how it works. Not sure how the topic of Windows viruses has transformed into an LDAP discussion... Craig