LDAP, ActiveDirectory and the death of Linux at corporate
smoot at tic.com
Wed Aug 15 19:57:12 UTC 2007
On Wed, 2007-08-15 at 13:59 -0500, Brian Fahrlander wrote:
> It's fabulous; I'm happy for your help. It'll only take a handful
> of us, in total, to get the ball rolling!

I have set up OpenLDAP using the NIS schema from PADL and the various
auxiliary bits and pieces (nss_ldap, pam_ldap) for a complete
authentication system with replicated slave servers. Authentication was
at the granularity of an individual host or group of hosts.

I also integrated sudo into this environment, so I could manage sudo
access via the directory. This all worked in a production environment
for over two years with the only restarts needed to update the SSL
certificates each year. It was extremely stable and saved me an enormous
amount of time doing account management.

I also wrote a front-end Web-based interface (Unix/Linux centric) for
administration. I can share slides I put together on this system, if
any of you are interested. The admin code is Open Sourced under the
GPL2, so anyone who wants to use it is free to download the code.
email: smoot at tic.com
cell: +1 602 421 9005
home: +1 480 922 7313