LDAP and passwords

Darryl Moore darryl-90a536wCiRb3fQ9qLvQP4Q at public.gmane.org
Fri Jul 31 02:48:24 UTC 2009 


William Muriithi wrote:
> 
> Do you mind describing your setup a little?  Use evolutions as an
> example and take us through the authentication process.
> 
> 


Sure. Although I think I've decided I can address one of the issues in
evolution by using Maildir for email instead of imap.

My network uses LDAP and PAM for user login. As well all my servers use
it too, so that the password you use to login to the network will always
be the same as the password you use to retrieve your imap email, send
your smtp email, access your ldap contact list etc... And when you
change your password, via the gui in gnome or calling passwd on the cli,
 the password will change for all these other services at the same time.

The problem comes down to the various clients that then have to access
these services. Such as evolution or thunderbird for imap, smtp and
contact lists.

After you change your password, the next time you run evolution, it will
prompt you for your password so you can access your imap email. When you
access your contact list, it will prompt you for your password again.
When you go to send your email via smtp, you will again be prompted to
enter the exact same password. Evolution stores this passwords locally
so that you don't have to enter it again until the next time you change
it, but none the less, if you change your password, you will then be
prompted many times by various clients to reenter it.

There should be some way to either get all the clients to access a
single local cache for the password (something like KDE wallet perhaps)
or make the password change utility update the various local client
configurations immediately.

Is this a problem any of those other unmentionable operating systems
have or not.

Chris Browne, said in another post that Apple has this worked out. I'm
surprised we don't have anything in the Linux world yet.


cheers,
darryl
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists

More information about the Legacy mailing list