|
![](/i/fill.gif) |
On Tue, 30 Oct 2012 11:33:22 -0400, Francois Labreque wrote:
>> BTW, some commercial Unixes like HP-UX do provide proper ACLs (they
>> even use that very term for the feature).
>>
>>
> And recen versions of Novell's NDS are exactly that too.
Well, Novell's product (actually, NetIQ's product now - since they were
acquired by Attachmate last May and the identity products have mostly
shifted to the NetIQ business unit) is eDirectory, and it doesn't do
filesystem permissions - it manages the identities used in filesystem
permission entries in the directory entry tables in NSS and TFS volumes.
I wonder, though, how difficult it would be to use eDir identities as
part of *nix ACLs - probably not hard, just need the RFC2307 (IIRC)
extensions installed to map uid/gid to the OS, and integrate pam
authentication with the LDAP server. :)
Jim
Post a reply to this message
|
![](/i/fill.gif) |