Re: LDAP authentication via dsee6
- From: wahjava@xxxxxxxxx (Ashish Shukla आशीष शुक्ल)
- Date: Sun, 11 May 2008 02:15:58 +0530
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
"Damon" == Damon Getsman <dgetsman@xxxxxxxxxxxx> writes:
Damon> Okay, I have a cluster of servers that was built to round-robin the
Damon> load of users logging in and out of GNOME via terminals. It was made
Damon> with a person with no concept of servers with scalability,
Damon> unfortunately. We are going to be going through some serious growth
Damon> here and I need some centralized authentication so that we can make
Damon> changes through an LDAP database instead of manually editing /etc/
Damon> passwd and /etc/shadow across several (and soon to be more) linux
Damon> machines.
Damon> Now I've recently had to set up a CentOS machine in order to handle
Damon> Sun Commsuite 5 serving to users on this cluster. This provides an
Damon> LDAP service in order to handle a large amount of its data, but it
Damon> also does password authentication.
Damon> So this is what I'm wondering: password authentication can be
Damon> accomplished via the LDAP scheme in DSEE6, as per the 'user
Damon> authentication' choices in the delegated administrator panels for each
Damon> user. Unfortunately, when looking through the various user options, I
Damon> do not see anything about specifying a home directory, or any of the
Damon> more important /etc/passwd information. My question is, is there a way
Damon> to make that information available through the LDAP server that we
Damon> already have in place through dsee6? I would much rather use this
Damon> existing LDAP server to serve all of the information that we currently
Damon> have in several copies of /etc/passwd across our server cluster.
No ideas about DSEE6, never worked with it. But what you're
specifying, I'm running something similar to that. I've few linux
boxes, installed with GNOME, users login to GDM on any the boxes, and
their homes are mounted at the runtime on those boxes, over NFS. The
user profile is stored in OpenLDAP server. For authentication, I'm
using pam_ldap module[1], and for nsswitch, I'm using nss_ldap
module[2].
This is fairly standard configuration and I'm sure this will work for
you too.
Also check out http://www.saas.nsw.edu.au/solutions/ldap-auth-pam.html
References:
[1] - http://www.padl.com/pam_ldap.html
[2] - http://www.padl.com/OSS/nss_ldap.html
HTH
- --
Ashish Shukla आशीष शुक्ल http://wahjava.wordpress.com/
·-- ·- ···· ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIJgmKHy+EEHYuXnQRArVWAJwO8ah+Tv/gSSa2peY0u4YNdrBrZACfaNdD
exXN0bEdHrLwxm8fwica+pk=
=LsFo
-----END PGP SIGNATURE-----
.
- References:
- LDAP authentication via dsee6
- From: Damon Getsman
- LDAP authentication via dsee6
- Prev by Date: 2057 - The World
- Next by Date: [DNS] Setting up multiple domains with dnsmasq
- Previous by thread: LDAP authentication via dsee6
- Next by thread: Protect yourself against Operation Sudden Fall
- Index(es):
Relevant Pages
|
