Removing support for nss_ldap/pam_ldap from YaST LDAP client

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Removing support for nss_ldap/pam_ldap from YaST LDAP client

Jiri Suchomel
Hi!

According to feature #313142 ("YaST support only SSSD for LDAP based
authentication") we want to remove current nss_ldap/pam_ldap support from YaST
modules and leave only support for SSSD. Target is next openSUSE realease
(12.2).

SSSD is there already now (12.1), but still only as an option. With new
approach, we should of course provide a migration from current setups.

However, this also means that we will stop supporting non-encrypted
connections to LDAP server, because  SSL/TLS is a requirement for SSSD. So you
have to prepare your LDAP servers so they are able to provide TLS.


Jiri

--
Jiri Suchomel

SUSE LINUX, s.r.o.                            e-mail: [hidden email]
Lihovarská 1060/12                            tel: +420 284 028 960
190 00 Praha 9, Czech Republic                http://www.suse.cz
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Removing support for nss_ldap/pam_ldap from YaST LDAP client

Josef Reidinger-3
On Tue, 07 Feb 2012 17:20:10 +0100
Jiri Suchomel <[hidden email]> wrote:

Hi,
I think that this is something that should go to release notes. Is
there page on opensuse wiki where developers could write such
information ( I think it is easier to write it now, then trying to
remember it when we are before release ).

Josef

> Hi!
>
> According to feature #313142 ("YaST support only SSSD for LDAP based
> authentication") we want to remove current nss_ldap/pam_ldap support
> from YaST modules and leave only support for SSSD. Target is next
> openSUSE realease (12.2).
>
> SSSD is there already now (12.1), but still only as an option. With
> new approach, we should of course provide a migration from current
> setups.
>
> However, this also means that we will stop supporting non-encrypted
> connections to LDAP server, because  SSL/TLS is a requirement for
> SSSD. So you have to prepare your LDAP servers so they are able to
> provide TLS.
>
>
> Jiri
>



--
Josef Reidinger
Software Engineer Appliance Department

SUSE LINUX, s. r. o.
Lihovarska 1060/12
190 00 Praha 9
Czech Republic

[hidden email]
SUSE
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Removing support for nss_ldap/pam_ldap from YaST LDAP client

Vincent Untz-5
Le mardi 07 février 2012, à 17:31 +0100, Josef Reidinger a écrit :
> On Tue, 07 Feb 2012 17:20:10 +0100
> Jiri Suchomel <[hidden email]> wrote:
>
> Hi,
> I think that this is something that should go to release notes. Is
> there page on opensuse wiki where developers could write such
> information ( I think it is easier to write it now, then trying to
> remember it when we are before release ).

You can file a bug against the release notes component (in openSUSE
12.2), and write the text there.

Cheers,

Vincent

--
Les gens heureux ne sont pas pressés.
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Removing support for nss_ldap/pam_ldap from YaST LDAP client

Rajko M.
On Tue, 7 Feb 2012 17:57:27 +0100
Vincent Untz <[hidden email]> wrote:

> You can file a bug against the release notes component (in openSUSE
> 12.2), and write the text there.

Which doesn't prevent you to create page:
 http://en.opensuse.org/openSUSE:Release_notes_12.2_(unoffical)
with structure:
--8<--------------------------
== <package_or_subsystem_name> ==
===Topic 1 ===
===Topic 2 ===

[[Category:Release_notes]]
--8<--------------------------

Once created and regularly maintained it can be:
- base for official ones,
- used for planning upgrades (as it comes ahead of official notes)
http://en.opensuse.org/Category:Release_notes 
(not yet created)
will have potential to keep together not only openSUSE distribution
release notes, but also any released offspring.

--
Regards, Rajko
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]