[Asterisk-Users] Asterisk vs. system user accounts

Dylan VanHerpen dylan at packetbell.com
Tue Jun 24 13:47:50 MST 2003


After saying LDAP is a better choice than system users, I still wonder
why it is important to have users be able to change passwords here.

It would greatly simplify unified messaging: one account, all your messages (email, voice, fax) in one mailbox.



Steven Critchfield wrote:

>LDAP is a _MUCH_ better solution to that problem than user accounts on a
>machine. Even if you have a /bin/false shell, users could cause trouble
>with your system. For security reasons you want to keep the number of
>accounts low and the number of accounts with password protected access
>even lower. So using the built-in passwords for a system would only make
>you more likely to be rooted on a machine that your business will depend
>upon.
>
>After saying LDAP is a better choice than system users, I still wonder
>why it is important to have users be able to change passwords here. In
>small deployments, it isn't going to happen often enough to bother the
>administrator. In office environments, you shouldn't have to modify
>passwords. Only when you have people roving around should you be worried
>about password changes to keep them secure. 
>
>OF course you should also first try to see how hard LDAP is to get setup
>and secured before trying to link it into asterisk.
>
>On Tue, 2003-06-24 at 12:07, Reed Wade wrote:
>  
>
>>Because you haven't written and contributed that functionality yet.
>>
>>(smiley face goes here)
>>
>>That sounds pretty sweet. I'm wondering if LDAP might be the more
>>correct thing to use though.
>>
>>-reed
>>
>>
>>
>>At 10:50 AM 6/24/2003 -0600, you wrote:
>>    
>>
>>>I've been scouring the archives for discussions on this:
>>>
>>>Why doesn't Asterisk use system user accounts for each extension/mailbox? 
>>>That would add the benefit of encrypted passwords, logical grouping, 
>>>unified mail/voice mail accounts (using /var/spool/mail instead of 
>>>/var/spool/asterisk). I can already imagine Festival reading my emails to 
>>>me, HylaFAX faxing documents to me while I'm on the road :).
>>>
>>>Dylan.
>>>
>>>
>>>_______________________________________________
>>>Asterisk-Users mailing list
>>>Asterisk-Users at lists.digium.com
>>>http://lists.digium.com/mailman/listinfo/asterisk-users
>>>      
>>>
>>_______________________________________________
>>Asterisk-Users mailing list
>>Asterisk-Users at lists.digium.com
>>http://lists.digium.com/mailman/listinfo/asterisk-users
>>    
>>





More information about the asterisk-users mailing list