Re: ldap
All users are local, and the IMAP tree is built under their home directory. I do set their
shell to /dev/false if they should only have e-mail. Security is enough of a reason to look
into it further, however!
Rod
> Maybe I'm off topic. WHere do you keep your user accounts at the moment?
> are they all local users?
> Most exploits and vulnerabilities are local -- they only apply to your
> machine if you have (other) local users. So it's more secure to have
> "virtual" users via nsswitch / pam /etc and some db (ldap, mysql
> preferably).
> There are more reasons - but this is the most compelling one I think.
>
> Michael Moritz
>
> Rod Rodolico wrote:
>
>>ok, this is a basic question. I am a small IPP (60 domains, 200 users) and I see a lot of
>>stuff about ldap. I searched the web and got some basic info on what it does, but the big
>>question is, how would it be helpful to me? I also run MySQL services, but mainly the server
>>does smtp, imap, pop, http and dns (exim, courier, apache and bind). One box, 200 users, is
>>there any reason I should consider dns?
>>
>>BTW, I also maintain three other web servers for people and use them all as backup servers
>>(using rsync) for each other, but I guess that is not part of the issue here.
>>
>>Thanks,
>>
>>Rod
>>
>>
>>
>
>
> --
> Please note that this account is being filtered using anti UCE systems. If you send email to
> this account make sure that it could not be mistaken as UCE.
>
>
--
Latest survey shows that 3 out of 4 people make up 75% of the world's population.
Reply to: