[NTLUG:Discuss] Linux LDAP

gan hawk ganhawk1 at hotmail.com
Wed Aug 27 14:27:58 CDT 2003 

Hi,



Since you are planning to use the Sun One directory server, use a Solaris 
box as the LDAP server. On the Linux side it is simple you just have to 
configure
ldap.conf to point to the right OU and change nsswitch.conf so that it uses 
ldap along with files for authorization. You might also want to mount the 
home directories of all the users from a central file server and use 
automount to mount it on linux.



The main problem with LDAP  is the lack of  a PAM module to authenticate 
users based on groups. Right now all the users will have access to all the 
machines. To avoid that, you have to write your own PAM module based on how 
your groups are organized.



I found these links useful while setting up LDAP

http://www.linux.org/docs/ldp/howto/LDAP-HOWTO/

http://www.personal.usyd.edu.au/~jgre4014/pam_ldap.html



Ganesh






>Howdy Guys,
>I was hoping that some people in this group have already been through some 
>of the trials and tribulations involving the rollout of ldap in a 
>linux/unix enviroment. I was hoping that I could get some good links, and 
>maybe advice on where to start.
>
>It looks like I might be having to take on ldap for linux, unix, mac osx 
>and have it work in conjunction with the ldap being used with the pc group 
>in our company. My managers are pushing for us to go with Sun One directory 
>server, and there seems to be a lot of documentation and support for this 
>product. I need all my *nix based operating systems to be compatible with 
>it.
>
>What I want to know is what works? What are some pitfalls to be aware of, 
>etc. I am quite familiar with Active Directory and the Microsoft way of 
>doing things. In fact, I passed all their exams, and got my MCSE which 
>focuses alot on it. So I am hoping that the learning curve isn't too great. 
>Thanks for any advice you guys might have. Have a great day, and take care.
>
>Paul Drew
>
>_________________________________________________________________
>Get MSN 8 and help protect your children with advanced parental controls.  
>http://join.msn.com/?page=features/parental
>
>
>_______________________________________________
>https://ntlug.org/mailman/listinfo/discuss

_________________________________________________________________
MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup

More information about the Discuss mailing list