[Gllug] NIS alternatives
Simon Morris
simon.morris at penguinit.com
Fri Jul 18 04:39:12 UTC 2003
<quote who="Richard Cottrill">
> Ian Norton wrote:
> <snip>
>> i need to have the same authentication + uid/gids for users on several
>> linux boxes and
>> feel like using something different to NIS for this,
>
> Yep, LDAP is a contender, pam_ldap is on every Unix so far as I know...
> Windows has Active Directory (includes LDAP with extra bits I believe).
>
I've tried authenticating *nix against AD and it is more trouble than it
is worth unless you buy their add-on (Services for UNIX)
To get a *nix machine to authenticate against LDAP the directory needs to
support RFC 2307 [0] and support certain attributes that AD doesn't have
by default
The directory must store the following attributes
uid; uidNumber; gidNumber; homeDirectory; userPassword;
and can stop these attributes
gecos; loginShell; description
There is a great book on the subject that I've used recently to get it all
working with OpenLDAP [1]
[0] http://www.ietf.org/rfc/rfc2307.txt
[1] LDAP System Administration by O'Reilly. ISBN 1-56592-491-6
--
Simon Morris
simon.morris at penguinit.com
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list