Since my transition to Manager of Network Engineering, and with the hire of a new Network Engineer, my role has changed significantly in IMT.  At this point in time my primary role is to oversee the installation and configuration of new telecommunications systems.  This most often includes working with project managers and contractors to facilitate the proper installation of cabling and equipment in new constructions.

Furthermore as manager of the group, I am responsible for the successfull operations of all inter-host communications.  This includes data and voice networking at a logical and physical level.

In addition I continue to work with AWG on architecture issues, and I am available to assist the rest of Network Services for consultation.

Bad news for us, good news for security standards. So it seems that the OpenLDAP project is starting to work towards elimination of most simple bind functionality. There are a few posts here and there about it. As part of this, versions 2.1.23 and greater of OpenLDAP do not support the simple bind {KERBEROS} functionality that we are currently using. We are currently running version 2.1.21 in production.

Some options for working around this problem include:

1. Switching to the simple bind {SASL} option which uses a ldap->saslauthd->kerberos or ldap->saslauthd->pam->kerberos method of credentials authentication. (Haven't been able to make this work right yet)
2. Not upgrading OpenLDAP.. ever.
3. Eliminating ldap simple binds in the environment.
4. Moving authentication directly to Active Directory.