On 4/19/07, Francis C. [email protected] wrote:
something
it’s only recently that people are getting interested in the idea of a
centralized authorization service.
I can actually only think of a couple of things right now.
First, when attempting bind_as with non administrator level credentials
and
the :base set to the root of the tree I get an invalid credentials error
message, It has to be the permissions on the tree. I’m not sure if this
is
the default A/D configuration or not but I have a feeling (after talking
to
the admin) that it is. It would be nice if there were a way for
:bind_as or
maybe a new method :bind_as_ad to automatically change the base to
whatever
normal user accounts try to authenticate against. I’m not sure what
that is
if such a thing exists though.
A few simple wrappers for those not familiar with A/D that want to get
“standard” info out of the directory might be nice too. For example a
groups method so those unfamiliar with A/D don’t have to dig through the
directory structure to find memberof, also things like username to grab
the
cn value.
Some might also find some sort of clean interface for grabbing machine
account info to be useful as well.
–
“Hey brother christian with your high and mighty errand, Your actions
speak
so loud, I can’t hear a word you’re saying.”
-Greg Graffin (Bad Religion)