* RFC: LDAP Configuration
@ 2018-07-26 12:14 Ratan Gupta
0 siblings, 0 replies; only message in thread
From: Ratan Gupta @ 2018-07-26 12:14 UTC (permalink / raw)
To: OpenBMC Maillist
[-- Attachment #1: Type: text/plain, Size: 1342 bytes --]
Hi All,
Regarding Git hub issue : https://github.com/openbmc/openbmc/issues/3305
Per my analysis following are the desired/mandatory parameters which
needs to be configured -
1) Global for all LDAP servers
LDAP certificate configuration(/assuming same certificate can be used
for all the LDAP servers in the case of secure ldap/).
Certificate configuration would be done with separate activity.
2) Specific to each LDAP server
a)LDAP server IP
b)Secure v/s Non secure LDAP
c)Search Base: Where the search should start on the ldap server
d)Scope of the search: One level or search till the end of the tree.
Users would be allowed to configure multiple LDAP servers.
_*Methods to configure*_
Option 1) Define the D-Bus API which takes all these parameters and
updates the configuration files accordingly.
/Pros: Not tied to a specific ldap client(sssd/openLDAP)/
Option 2) Upload the configuration file directly(/sssd.conf //&//ldap.conf/)
/Cons: Additional overhead of doing file parsing and more bad path
validations than option 1)/
/In the option2 don't do any validation and copy the conf file but
expecting user should validate the correctness of the conf file.
/
/Need opinion from the community members on this proposal on the methods
to configure./
/Regards/
/Ratan Gupta
/
[-- Attachment #2: Type: text/html, Size: 5026 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2018-07-26 12:14 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-07-26 12:14 RFC: LDAP Configuration Ratan Gupta
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).