1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
Immediate to do list (from the back of my head, in no particular order):
* solve feature requests on sourceforge
* implement secure connection modes
* see if there is a better framework for saving preferences
and loading /etc/login.defs (lexical scanner)
* make refresh button to fetch fresh data
from the directory server
* Clean up the codebase making every handling dependent on DNs,
not simple user/group IDs
* import/export via drag and drop and commands
* wizard walkthrough on first time startup (???)
* upon user removal, remove all his/her group memberships (???)
* upon user creation, allow addition to secondary groups (???)
Long term goals:
* directory server setup subproject
- legacy user/group account migration
* directory client setup wizard/standalone subproject
- investigate existing standards or approachs to enable per-server logon
(already implemented as an objectClass and a filter in /etc/ldap.conf
but there must be some other way)
ESTE ESQUEMA ESTA OBSOLETO - SE USA EL ESTANDAR PAM_LDAP
esquema propuesto:
que el servidor sirva, la gente tenga un atributo
- trustModel = fullaccess
- trustModel = byserver
* y varios atributos accessTo <- rename this attribute
y obviamente el cliente lo enforza con un filtro
(|(trustModel=fullaccess)(accessTo=miservidoractual))
|
