LDAP setup with Linux, Help Needed
| ServerChief 2006-08-17, 1:19 pm |
| Hi All,
I'm creating an LDAP server which will be in place for all our Unix
servers' authentication methods. I was able to set up LDAP and can
basically use it now; however, I want the LDAP server to autosync with one
of my Unix servers. So, for example, if a new user has been added on a
specific box, I want that user to be auto-added to the LDAP db?
Has anyone done anything similar? Any suggestions are greatly
appreciated; I'm looking into how this can be implemented.
Thanks
ServerChief
| |
| Lew Pitcher 2006-08-17, 1:19 pm |
| ServerChief wrote:
> Hi All,
>
> I'm creating an LDAP server which will be in place for all our Unix
> servers' authentication methods. I was able to set up LDAP and can
> basically use it now; however, I want the LDAP server to autosync with one
> of my Unix servers. So, for example, if a new user has been added on a
> specific box, I want that user to be auto-added to the LDAP db?
>
> Has anyone done anything similar? Any suggestions are greatly
> appreciated; I'm looking into how this can be implemented.
Never done it myself, but others have.
If your Unix supports Pluggable Authentication Modules ("pam"), then I
believe that there is a PAM module for LDAP authentication.
If your Unix uses NSS, then you can use the NSS LDAP module
(see http://www.padl.com/OSS/nss_ldap.html )
HTH
--
Lew Pitcher
| |
| Logan Shaw 2006-08-18, 1:22 am |
| ServerChief wrote:
> I'm creating an LDAP server which will be in place for all our Unix
> servers' authentication methods. I was able to set up LDAP and can
> basically use it now; however, I want the LDAP server to autosync with one
> of my Unix servers. So, for example, if a new user has been added on a
> specific box, I want that user to be auto-added to the LDAP db?
The normal approach to this is to simply put all these accounts in LDAP
only. Don't put them in /etc/passwd at all. Sure, you can have local
accounts like root, bin, and so on (and maybe "apache" and other accounts
you create for server functions) in /etc/passwd, but all of the single
sign-on regular user accounts should exist just in LDAP.
The challenge then is to get a user management tool that speaks LDAP.
Some Unix systems may already have this built in, and some may not.
- Logan
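
The split described in the reply above (system accounts stay in /etc/passwd, regular users live only in LDAP), as an added example that is not part of the original thread. It sorts passwd-format lines into the two groups and renders the regular users as RFC 2307 posixAccount LDIF; the base DN, the UID cutoff of 1000, the local handling of "nobody" and the sample data are assumptions made for illustration.

```python
import base64
import re

# Assumptions (not from the thread): base DN, UID cutoff, constructed sample data.
BASE_DN = "ou=People,dc=example,dc=com"
MIN_USER_UID = 1000                    # lower UIDs are treated as system accounts
KEEP_LOCAL_UIDS = {65534}              # "nobody" has a high UID but stays local
SAFE_NAME = re.compile(r"^[a-z_][a-z0-9_-]*$")  # names needing no DN escaping

SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
apache:x:48:48:Apache:/var/www:/sbin/nologin
nobody:x:65534:65534:Nobody:/:/sbin/nologin
alice:x:1001:1001:Alice Example,Room 1:/home/alice:/bin/bash
bob:x:1002:1002::/home/bob:/bin/sh
zoe:x:1003:1003:Zoë Example:/home/zoe:/bin/sh
truncated:x:1004
"""

def parse_passwd(text):
    """Return (entries, rejected_lines) for passwd-format text."""
    entries, rejected = [], []
    for line in text.splitlines():
        f = line.split(":")
        if (len(f) == 7 and SAFE_NAME.match(f[0]) and f[2].isdecimal()
                and f[3].isdecimal() and f[5]):
            entries.append(dict(name=f[0], uid=int(f[2]), gid=int(f[3]),
                                gecos=f[4], home=f[5], shell=f[6]))
        elif line.strip():
            rejected.append(line)
    return entries, rejected

def split_accounts(entries):
    """System accounts stay in /etc/passwd; the rest are candidates for LDAP."""
    local = [e for e in entries if e["uid"] < MIN_USER_UID or e["uid"] in KEEP_LOCAL_UIDS]
    return local, [e for e in entries if e not in local]

def ldif_attr(key, value):
    """One LDIF line; values that are not LDIF-safe ASCII are base64-encoded."""
    if value.isascii() and value.isprintable() and value[0] not in " :<" and value[-1] != " ":
        return f"{key}: {value}"
    return f"{key}:: {base64.b64encode(value.encode()).decode()}"

def to_ldif(e):
    """posixAccount entry (RFC 2307); password hashes are deliberately not copied."""
    attrs = [("objectClass", "account"), ("objectClass", "posixAccount"),
             ("uid", e["name"]), ("cn", e["gecos"].split(",")[0] or e["name"]),
             ("uidNumber", str(e["uid"])), ("gidNumber", str(e["gid"])),
             ("homeDirectory", e["home"]), ("loginShell", e["shell"])]
    body = "\n".join(ldif_attr(k, v) for k, v in attrs if v)
    return f"dn: uid={e['name']},{BASE_DN}\n{body}\n"
```

Rejected lines are returned rather than silently dropped so that malformed or unusually named accounts can be reviewed by hand before anything is loaded into the directory.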