Date:  Wed, 9 Jul 2008 16:40:02 +0200
From:  Michael Stauber <bq (at mark) solarspeed.net>
Subject:  [coba-e:13485] Re: Change authentication scheme on BlueQuartz
To:  coba-e (at mark) bluequartz.org
Message-Id:  <200807091640.03115.bq (at mark) solarspeed.net>
In-Reply-To:  <e83bc0150a4e90441a34ed968e9eb405 (at mark) home.groupsware.com>
References:  <e83bc0150a4e90441a34ed968e9eb405 (at mark) home.groupsware.com>
X-Mail-Count: 13485

Hi Jes,

> Is it possible to change the authentication scheme on BlueQuartz, to
> require [user] (at mark) [domain.tld] to be entered, so a user can only authenticate
> if a user by name of [user] exists on domain [domain.tld]?

This was already asked recently. No, this cannot be done with any reasonable 
effort. It would require changes to PAM, perhaps a switch to LDAP based 
authentication and requires extensive changes to CCE, which currently uses 
PAM for authentication as well. Making CCE LDAP compatible could solve that, 
but that's kinda ... tough ... as well.

Even if those non-trivial changes were implemented, it would then require a 
conversion of boxes with the old authentication scheme to the new one, which 
is just one step short of a nightmare as tons of things could go wrong there.

What would be the gains for doing this? Personally I don't see any good reason 
to make this extensive changes for next to no gain. ;o)

-- 
With best regards,

Michael Stauber