LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices

Reply
 
Search this Thread
Old 08-17-2005, 03:17 PM   #1
AdamSBS
LQ Newbie
 
Registered: Aug 2005
Location: Solon, Ohio
Posts: 4

Rep: Reputation: 0
Managing user accounts in LDAP


A few months ago I moved a clients office to an LDAP / samba domain. Previously we used a Windows program that would edit the registry for users that would restrict them from doing things, like group policies. We are now finding out that this program does not work with domain accounts. I have read the SAMBA3-HOW-TO Collection document. In it, it references using Microsoft AD to creage group policies. My issue is that I dont have a Microsft Server with AD on it, hence why everything is Linux. The clients range from Windows 2000 to XP.

Is there any simple / not-simple way to create and incorporate group policies with LDAP ?
 
Old 08-22-2005, 02:28 PM   #2
jjohnston62
Member
 
Registered: Aug 2003
Location: Minnesota, USA
Distribution: RedHat, Suse
Posts: 106

Rep: Reputation: 15
No, there is not a method for creating group policies in LDAP. This is a function that requires Active Directory.

I assume that previously you used the local security policy area for restricting access to specific areas in Windows. Perhaps you need to look into other options... K-12 environments typically use other apps like "Clean Slate" - Fortres for doing this kind of stuff, protecting student labs, etc.

Jon Johnston
Creative Business Solutions
IBM, Microsoft, Novell/Suse and Sophos Consulting
952-544-1108
http://www.cbsol.com
Blog:http://bingo.cbsol.com
 
Old 08-22-2005, 02:56 PM   #3
AdamSBS
LQ Newbie
 
Registered: Aug 2005
Location: Solon, Ohio
Posts: 4

Original Poster
Rep: Reputation: 0
Quote:
Originally posted by jjohnston62
No, there is not a method for creating group policies in LDAP. This is a function that requires Active Directory.

K-12 environments typically use other apps like "Clean Slate" - Fortres for doing this kind of stuff, protecting student labs, etc.

Well that really stinks. We do use an application like "Clean Slate". Although it doesn't do everything we want and doesn't really work in a domain environment. I have looked into 'Local Policy' settings but am not sure if it would be too much work if I had to change 1 setting and then have to change it on all the computers.

How do System Administrators enforce policies in an LDAP Domain environment with Windows clients? Do they use software like "Clean Slate"? The Samba-HOW-TO mentioned being able to use group policies, but it doesn't look possible.

Thanks for the reply
 
Old 08-24-2005, 08:42 AM   #4
jjohnston62
Member
 
Registered: Aug 2003
Location: Minnesota, USA
Distribution: RedHat, Suse
Posts: 106

Rep: Reputation: 15
To be honest, most of my clients that are using linux like this don't enforce policies. Much of the software that's being used by end users requires administrative rights, or they simply don't worry that much about locking the machines down that tightly.

Yes, it results in some problems, but if people understand what we're doing, not as many as you'd think.

OTOH, I've seen AD environments where the admins went nuts with GPO and the environment is so FUBAR that it's impossible to change anything without severe breakage.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Managing user Accounts with Group Policies, LDAP AdamSBS Linux - Software 2 08-24-2005 08:10 PM
Using LDAP to create and Manage Linux Accounts BBQ_Matt Linux - Networking 2 06-20-2005 04:20 PM
YaST building cache ldap accounts soccertux Suse/Novell 0 03-17-2005 10:03 AM
Managing accounts pk21 Linux - Software 0 08-09-2003 11:58 AM
mutt - managing multiple accounts nic_d Linux - Newbie 0 02-14-2002 04:52 PM


All times are GMT -5. The time now is 04:16 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration