Hia,
I usually build my own .debs :) For a very fine guide to all things ssl, ekrberos and ldap, have a look here: http://www.bayour.com. Mr. Turbo has done a great job making it easyer to rock with debian. I was just looking for a simple way to let my debs be the domain of apt-get :). If I am to use debian on more than one machine, I cannot use all my time rebuilding debs. > I used the slapd, libpam-ldap, and libnss-ldap (plus dependencies) packages > from Woody to do so. I also used the PADL migration tools (maybe someone > should package these and put them as recommended for the two libXXX-ldap > packages). Agree. :) > I don't intend to do either for now. If you find an easier way (a > prepackaged .deb way, preferably) please let me know. This was my original question =) > doing #1, but the sheer number of options to openldap combined with my > minimal knowledge of changing Debian package configuration prior to the > simple build, stopped me until I had more time on my hands. > > On the other hand, I would be very interested to know if you or anyone has > a PAM/NSS/LDAP installation on Debian using slave LDAP servers as hot > backups. I haven't seen any documented way of doing this anywhere, such as > providing a list of servers which can be attempted. Have a look at the above link for roundrobin dns querys and the like. > On the other hand, I do not yet see a way to do this with NSS. I would > welcome pointers. I belive you can do it in the ldap.conf file.