[Systems] [Systems-logs] [DNS] Sugar Labs DNS zone data branch, master, updated. 8f472af67a1177a9644675b1fd2c2af7dff2e77a

[Bernie Innocenti]

On Sat, 2011-10-01 at 15:41 +0200, Sascha Silbe wrote:
> > 1. will this OpenID server also authenticate users against LDAP? Or CAS?
> > I think we  we should try to consolidate on fewer users' databases as
> > possible.
> 
> It does use LDAP and the instance [2] running on sunjammer even uses the
> SL LDAP server. My next step would have been either trying to set up a
> slave LDAP server on identity or using the master server directly.

Nice. We could host the slave and the OpenId service on lightwave as
well.


> > 2. Couldn't we allocate an extra IP on sunjammer?
> 
> I've asked you that before and you said it isn't possible. Has anything
> changed since then?

It requires changing the firewall rules on the dom0. Shame, I could have
done it myself when I was still at the FSF!

I'll ask my former coworker ward if he could do it for us.


> > 3. Does the OpenID server support you intend to deploy support multiple
> > domains? I currently use both id.sugarlabs.org and id.codewiz.org.
> 
> I haven't tried, but a quick scan of the code [1] (it's been a while since I
> wrote it) showed no obvious problem spots. However it doesn't support
> virtual hosting, i.e. the set of users is the same for both domains. If
> you don't want foo at sugarlabs.org to also have own the account
> foo at codewiz.org, you'd need to set up a separate instance with its own
> database and manage your account on both instances. Or you could
> implement virtual hosting and send me the patch. ;)

I think it's fine: we can't have two shell accounts with the same
username anyway.

-- 
Bernie Innocenti
Sugar Labs Infrastructure Team
http://wiki.sugarlabs.org/go/Infrastructure_Team