On Thu, 2008-01-10 at 00:35 -0600, Les Mikesell wrote: > Craig White wrote: > > > thanks, I was worried that we didn't have permission for me to > > counterpoint all of Les's anti Fedora/Red Hat attitudes. > > I don't have a particularly anti Fedora/Red Hat attitude. I am just > against shipping things that don't work and making it unnecessarily > difficult to add the parts that can fix it. And your replies about how > you have been able to find instructions elsewhere and make things work > anyway with great amounts of effort that every user will have to repeat > aren't exactly counterpoints. ---- with respect to LDAP... I would submit that it's merely because you don't understand what the technology offers and how it accomplishes its tasks that is the problem. Fedora is not a turnkey distribution but perhaps a respin would do exactly what you are looking for. With respect to Sun's Java... It would appear that the Fedora package managers have decided not to include the Sun java package because of license restrictions. If they were to apply the same standards with all software, by permitting Sun's restricted licensed java, they would open the flood gates. RHEL packagers have a different beast to satisfy...the corporate user and they obviously relented. You know why CentOS packagers won't include java. With respect to LDAP and finding instructions elsewhere... It is a bitch but the reality simply is, there is no one way to do anything at all with LDAP. The information flow on first glance appears to be even worse than you know...try asking how to integrate SASL into OpenLDAP on OpenLDAP-software mailing list and you'll be told that it's off topic and to go elsewhere. OpenLDAP developers provide a tool that meets (as best as possible), various RFC's concerning LDAP and those RFC's have been fluid, not static. They are unconcerned with specific application as their mail list makes clear. If you want to see the complexity of it, merely look to Brennan's Home Networking Guide for a shared LDAP Address Book... http://www.brennan.id.au/20-Shared_Address_Book_LDAP.html of course this is his way and I expect that it works. I didn't use it, didn't audit it for accuracy but have a lot of confidence in his efforts. The problem is that I am not sure that following Betty Crocker's recipes makes you a cook. I believe the adage is that if you give a man a fish, you feed him for a day but if you teach him how to fish, he can eat for the rest of his life. You just need to learn how to fish. I can only wonder what the length of description and amount of time it would take to do similar for LDAP authentication but in the end, it would still represent only one way to do LDAP authentication. Craig
