On 4/19/07, Francis C. firstname.lastname@example.org wrote:
it’s only recently that people are getting interested in the idea of a
centralized authorization service.
I can actually only think of a couple of things right now.
First, when attempting bind_as with non administrator level credentials
the :base set to the root of the tree I get an invalid credentials error
message, It has to be the permissions on the tree. I’m not sure if this
the default A/D configuration or not but I have a feeling (after talking
the admin) that it is. It would be nice if there were a way for
maybe a new method :bind_as_ad to automatically change the base to
normal user accounts try to authenticate against. I’m not sure what
if such a thing exists though.
A few simple wrappers for those not familiar with A/D that want to get
“standard” info out of the directory might be nice too. For example a
groups method so those unfamiliar with A/D don’t have to dig through the
directory structure to find memberof, also things like username to grab
Some might also find some sort of clean interface for grabbing machine
account info to be useful as well.
“Hey brother christian with your high and mighty errand, Your actions
so loud, I can’t hear a word you’re saying.”
-Greg Graffin (Bad Religion)