[KLUG Members] management tools for linux

Adam Tauno Williams awilliam at whitemice.org
Thu Nov 24 12:53:35 EST 2005

Previous message: [KLUG Members] management tools for linux
Next message: [KLUG Members] Blocking By User Agent
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2005-11-24 at 09:43 +0100, Bert Bbbink wrote:
> I found these urls:
> Looks like a nice managment tool:
> http://gosa.gonicus.de/

I'd recommend LAM for something like this - http://lam.sourceforge.net/

LAM is the LDAP Account Manager and has sort of a quasi-official
relationship with the Samba project.  It tends to be very up to date,
which many admin tools seem to struggle with.  It also makes few
assumptions about your network architecture and Dit structure, which is
a trap almost all freebie LDAP administration tools seem to fall into.

gosa strokes by biggest pet peeve about LDAP administrative tools - it
introduces its own schema.  This is something applications should do,
not administrative tools.  To manage a user with gosa they must be a
gosaAccount objectclass.  Blech!  They also introduce their own
administrative group, and require organizational units to be
gosaDepartments.  IT IS THE JOB OF THE DSA TO ENFORCE WHAT A CONTEXT CAN
AND CANNOT SEE OR CHANGE,  YOU ONLY HAVE SECURITY WHEN IT IS ENFORCED BY
THE DSA AND NOT SOME SILLY PHP SCRIPT.  gosa is probably fine if gosa
will be the only admin tool you ever admin your DSA with (yeah right,
that is going to happen).

Previous message: [KLUG Members] management tools for linux
Next message: [KLUG Members] Blocking By User Agent
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Members mailing list