[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SAGE] Help with centralizing account management

To: Paul Dlug <paul@nerdlabs.com>
Subject: Re: [SAGE] Help with centralizing account management
From: Leon Towns-von Stauber <leonvs@occam.com>
Date: Tue, 16 Jul 2002 22:32:58 -0700
Cc: sage-members@sage.org
In-Reply-To: <200207161421.06818.paul@nerdlabs.com>
Sender: owner-sage-members@usenix.org

> accounts. There is a planned migration to LDAP in the next few weeks as 
> we
> move toward Solaris 9. I tested pam_ldap with FreeBSD and it works, 
> however a
> password file entry is still necessary so it doesn't really solve the
> problem. LDAP seems like it's the right choice and it works well under
> Solaris however I don't see mature support for it under *BSD and linux. 
> Can
> someone recommend a solution?

You're on the right track. You need the PADL pam_ldap and
nss_ldap modules (from www.padl.com, among other places). I've
used them successfully for authentication and directory service
lookups on Linux (and Solaris), and you shouldn't need local
password entries.

And this comment on the nss_ldap page implies that FreeBSD
should work with some extra effort:

"Earlier versions have been ported to FreeBSD, and the current
version should work as long as the C library is recompiled to
use the BIND IRS."

-------------------------------------------------------------
Leon Towns-von Stauber		http://www.occam.com/leonvs/
Amazon.com, UNIX Systems Engineer	<leonvs@occam.com>
"We have not come to save you, but you will not die in vain!"

References:
- [SAGE] Help with centralizing account management
  - From: Paul Dlug <paul@nerdlabs.com>

Prev by Date: Re: [SAGE] Help with centralizing account management
Next by Date: Re: [SAGE] Managers who "engineer"
Prev by thread: Re: [SAGE] Help with centralizing account management
Next by thread: Re: [SAGE] Help with centralizing account management
Index(es):
- Date
- Thread