Debian’s dpkg system ported to solaris.
So, I turn on debugging so I can see what OpenLDAP thinks is going on and I see that the krb principal is put as UID=PRINCIPAL. But no realm! OpenLDAP should do some realm mapping!
I had a lot of success last night with getting LDAP working with Authentication and mail routing. Unfortunatly, I’ve managed to leave it in an instable state.
The big problem here is that I have to grok how all the parts fit together and that seems to be difficult for me right now. It seems to me that if LDAP is going to let you authenticate using GSSAPI over SASL, they should tell you who you are. You should be able to figure out who you are. They should clearly document how identity maps between SASL and LDAP.
What does CityDesk do? Looks like it provides a GUI front-end for a set of XML transformations. Not that that is a bad thing. It’s a good thing. People feel more comfortable with the “control” that they feel a WYSIWYG editor gives them. Personally, I get irritated from having to go over all the formatting and get it right. But it looks like Joel has combined the best of both worlds — kind of like XMetal does.
I have a similar system in place at work that let’s me edit a document without bothering with the formatting and produce printable copy from the same document. I can change the appearance on the fly — this is what XSLT is for. And, if you are into Perl, check out AxKit which will give you all these benefits for free. But, without the GUI front-end.
Hey! Here is a great resource for setting up LDAP-based mail routing for virtual domains under EXIM. That should be very helpful.
Just another note on the note below about government’s growing power.
All it took to give the government these powers were decrees. “Ok, we’re doing things this way from now on.” Perhaps non-citizens shouldn’t expect any constitutional rights, but what if a suspect is a citizen? Next thing you know, it’ll be drug smuggling suspects who are tried by the military. Then any immigrant and non-citizen. Then we’ll get any citizen who does really nasty things.
So much to think about and worry about. Bush seems to be taking this opportunity to use military tribunals to try suspected terrorists, and his administration has taken to eavesdropping on suspects’ conversations with their lawyer.
They can get away with this because people don’t care about the terrorists.
They don’t think that they can be designated a suspect, so they figure the new rules won’t apply to them. The government takes advantage of this apathy by granting themselves more and more power. Civil liberties for suspected terrorists have taken a precipitous dive over the past couple of months. And, when suspects loose rights, we all loose rights.
This reminds me of what a co-worker said about downloading music over the Internet using Napster. “Until a judge decides its illegal, I don’t care.”
I had a long lunch today with Eddie Parker, an old co-worker from when we both worked at PixSell. He’s moved on to consulting and such now, but it was good to hook up with him for lunch.
He asked me for information about copying a disk from one machine to another on Solaris. The important thing here was installboot but in the process of looking up information about this I came accross numerous pointers to securityportal.com’s “Cold Mirroring” instructions. Unfortunatly, it was only pointers. The actual page was 404.