On Mon, May 24, 2010 at 03:46:06PM +0100, Craig Box wrote:
It's 2010 now. Flying cars, etc. I want central authentication across a small network of Ubuntu machines - no Windows machines are expected. Ultimately I'd like multi-master (I believe 389, formerly Fedora DS/Netscape Directory Server does this; and OpenLDAP does not?) so I don't have to think too much about failover/redundancy.
Not really answering your main question in any way, but one gotcha that I've encountered: thunderbird includes its own copy of an ldap library, and if you have 'ldap' in /etc/nsswitch.conf for resolving user IDs then thunderbird will crash on startup. (Basically thunderbird's ldap library is binary-incompatible with the system's openldap, and if nsswitch is using ldap then thunderbird will be dynamically linked against both). John