Authentication services in Ubuntu

[Robie Basak]

On Tue, Jun 04, 2013 at 10:02:09AM +0200, Bolesław Tokarski wrote:
> On 06/03/2013 09:06 PM, Timo Aaltonen wrote:
> >ldap-auth-config is an ubuntu specific package, which seems to be
> >basically unmaintained for some time now. Then again I don't see why
> >libpam/nss-ldap should be touched, if we're going to use lib*-sss.. the
> >obsolete package(s) could be dropped once the new stuff is working.

> I'd say to drop the changes made against Debian. Aside for the
> separation that Debian does with regards to ldap.conf files (for nss
> and pam, it doesn't seem right to me), I'd say drop the diffs.

I also got the impression that they weren't maintained well. I'd also
like to see them resynchronised with Debian, with any extraneous delta
dropped. Though I'm reluctant to agree straight away, without first
understanding the circumstances around why they were added in the first
place.

It's also worth noting that we generally don't want to make big changes
on an LTS release. So any invasive changes that might have some level of
upgrade incompatibility, or a complex upgrade path that needs testing
carefully, should really go into a non-LTS release. It's getting late to
do this in Saucy. So this may have to wait until U, subject to what
others say.

Nowadays, would I be right in thinking that enterprises manage their
config files at a higher level? How many deployments are actually using
debconf to configure LDAP across their machines?