[KLUG Members] Distributed Authentication

Adam Williams members@kalamazoolinux.org
Wed, 19 Feb 2003 11:10:56 -0500 (EST)


>I have 4 sites all running RH7.3 and Samba, connected to the Internet.
>What I'm looking to do is somehow not have to manage all the usernames 
>and passwords separately from each site. I'd like to have them sync 
>through the Internet. Right now I just use passwd with shadow passwords
>and smbpasswd for user access. Right now only one server hosts email using 
>Sendmail. Everyone IMAPs into this server to get their mail. My users are 
>running Win95 through WinXP and a few RH8 Workstations.

Are you using VPNs to connect the networks at the different sites?

>I was thinking of two solutions NIS or LDAP.

Not NIS, over the internet, no way.

LDAP can do what you want.  Replication isn't a problem, and can be 
encrypted.  Just be sure to use a strong authorization scheme between the 
master slurpd and the replicant slapds.

>Ideally I would only have to add a user once and they would have access 
>to all Samba servers and an email address. They would also have only one 
>password synchronized throughout the system. 

That's LDAP.

>Has anybody done this? 

Yep.

>Which system should I use?

OpenLDAP.

>Any recommendation, pointers, or suggestion would be helpful

ftp://ftp.kalamazoolinux.org/pub/pdf/ldapv3.pdf
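
[Added example, not part of the original message or of OpenLDAP itself.] A small check for the point above about encrypting replication and using strong authentication between slurpd and the replica slapds: it reads the `replica` directives from a slapd.conf and flags those without TLS or with a simple bind. It assumes the option names documented in slapd.conf(5) for slurpd-era OpenLDAP (`host=`/`uri=`, `tls=`/`starttls=`, `bindmethod=`, `credentials=`); the hostnames and DNs in the sample are constructed.

```python
import shlex

# Constructed sample slapd.conf fragment (hostnames, DNs, password are made up).
SAMPLE_CONF = """\
database ldbm
suffix "dc=example,dc=com"
replica host=site2.example.com:389
        binddn="cn=replicator,dc=example,dc=com"
        bindmethod=simple credentials=secret
replica host=site3.example.com:389
        tls=critical
        bindmethod=sasl saslmech=GSSAPI
replica host=site4.example.com:389 tls=yes
        bindmethod=sasl saslmech=GSSAPI
"""

def logical_lines(text):
    """Join slapd.conf continuation lines (lines that start with whitespace)."""
    lines = []
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("#"):
            continue  # blank line or comment
        if raw[0].isspace() and lines:
            lines[-1] += " " + raw.strip()
        else:
            lines.append(raw.strip())
    return lines

def audit_replicas(text):
    """Return {replica target: [findings]} for every replica directive."""
    report = {}
    for line in logical_lines(text):
        words = shlex.split(line)
        if words[0].lower() != "replica":
            continue
        pairs = (w.split("=", 1) for w in words[1:] if "=" in w)
        opts = {k.lower(): v for k, v in pairs}
        target = opts.get("uri") or opts.get("host", "?")
        tls = (opts.get("tls") or opts.get("starttls") or "").lower()
        findings = []
        if not target.lower().startswith("ldaps://"):
            if not tls:
                findings.append("no TLS: bind and updates cross the network in clear text")
            elif tls != "critical":
                findings.append("TLS not critical: session continues in clear if StartTLS fails")
        if opts.get("bindmethod", "").lower() == "simple":
            findings.append("simple bind: replication password is stored in slapd.conf")
        report[target] = findings
    return report
```

Run `audit_replicas(open("/etc/openldap/slapd.conf").read())` on the master (path is an assumption; adjust to your install) and fix every replica that returns a non-empty list.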