Re: alternatives to NIS and NFS

From: Simon Kitching (simon_at_ecnetwork.co.nz)
Date: 08/03/04

  • Next message: Alan Chandler: "Re: FS-mounting as user woes" 
    To: debian-user@lists.debian.org
Date: Tue, 03 Aug 2004 11:04:13 +1200

    On Tue, 2004-08-03 at 10:53, John Summerfield wrote:
    > Paul William wrote:
    >
    > > Hi,
    > >
    > > I am in charge of a small office network. The server is running Debian
    > > stable with some testing packages and the desktops are running
    > > mandrake 10.0.
    > >
    > > Currently we are using NIS for authentication and NFS to share the
    > > home directories.
    > >
    > > I have been having some hassles with NIS and would like to upgrade to
    > > a more modern system.
    > >
    > > Are there any alternatives to NFS and NIS?
    >
    >
    > NIS and NFS are differen tissues. What's your problem withNFS?
    >
    > For authentication, take a look at LDAP. I mean to.
    >
    > >
    > > As long as it not to complex to setup and is fairly easy to administer
    > > its fine. X is not on the server so all admin takes place over
    > > ssh.Security is an issue.
    > >
    > > It is safe to assume that there will not be any windows clients on the
    > > network, ever :) There is one osx ibook being used but it does not
    > > need to 'login' to the network.
    > >
    > OSX should be able to authenticate against LDAP. Watch your IUDs tho.
    >

    Authentication in Linux is (usually) done via the PAM library, ie
    applications wanting to do authentication link against the PAM library
    and then call PAM apis to do authentication.

    In particular, openssh, login, etc. all do this.

    Here's some info on PAM:
    http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam.html

    There are PAM modules for ldap, which enable PAM to authenticate against
    LDAP servers. Here's one link I found on this by googling:
    http://www.metaconsultancy.com/whitepapers/ldap-linux.htm

    Also, try google for "linux pam".

    Note that I haven't used PAM and LDAP myself (yet). Like John, it's on
    my to-do list.

    Regards,

    Simon 

    -- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
  • Next message: Alan Chandler: "Re: FS-mounting as user woes"

    Relevant Pages

    • Re: PAM & LDAP - Pointer anyone?
      ... We tried PAM LDAP and ditched it. ... If you are worried about security, I would not recommend running NIS. ... instead by the FreeBSD ypbind and ypldapd. ... can be tightened so as to ensure password authentication only ever happens ...
      (FreeBSD-Security)
    • Re: Solaris 9 authentication and access control into Active Directory
      ... implement a user within your Active Directory for the machine, ... As others have mentioned there's PAM samba SMB integration. ... Recently I've been using LDAP authentication. ...
      (Focus-SUN)
    • Re: [opensuse] LDAP served network
      ... One LDAP server and one LDAP client. ... I use pam to configure the various services to perform ... an ldap authentication. ...
      (SuSE)
    • Summary: NIS+ and LDAP - Single sign on
      ... The overwhelming response was that NIS+ is proprietary and that Sun will not ... The majority of the responses indicate that LDAP is the way to go. ... I mainly need this for authentication (login ... Everybody is going LDAP these days: Sun, ...
      (SunManagers)
    • LDAP problems moving from 2.0.11-13 to 2.0.21-1
      ... I collected various documents regarding PAM and LDAP, ... about user not being known to the underlying authentication system. ... upgrading from 2.0.11-13 to 2.0.21-1 disables ldap ...
      (comp.os.linux.security)