LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 02-24-2013, 01:50 AM   #1
swaggerlee
Member
 
Registered: Jul 2012
Location: India,Kolkata
Distribution: fedora,ubuntu
Posts: 35

Rep: Reputation: Disabled
Question how to controll users and password managment like AD in windows as in linux


HI , all

well lets take a scenario of 50 user under a domain controlled via AD(active directory)in win2003 server which we all know

Now what i need to know is how can i do the same with linux user..

In my office all are in admin user , now i hv to go individualy each and eveyone configure there password and all

i want to manage via domain but in linux not in windos 2003 server

plzz assist me step by step how to proceed so that my users wont use in ADMIN mode rather work in simple user mode..
 
Old 02-24-2013, 01:17 PM   #2
bigrigdriver
LQ Addict
 
Registered: Jul 2002
Location: East Centra Illinois, USA
Distribution: Debian Squeeze
Posts: 5,776

Rep: Reputation: 311Reputation: 311Reputation: 311Reputation: 311
You and your users should be using the sudo command. You login as normal user. When you need to perform an admin task, you use the sudo command to invoke root privilege to perform a task.

Set up the file /etc/sudoers to give the users root authority. You can name each user to have that authority in order to control who can use sudo.

Use your brower to search the web for more info. You will find much discussion on the topic of sudo and setting up the sudoers file.
 
Old 02-24-2013, 03:10 PM   #3
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 2,211

Rep: Reputation: 572Reputation: 572Reputation: 572Reputation: 572Reputation: 572Reputation: 572
The Linux LDAP client can be configured to use active directory.

Reference:

http://www.cyberciti.biz/tips/authen...directory.html

And there are a lot of options for distributed patch/update management - cfengine for one.
 
Old 02-24-2013, 03:18 PM   #4
PTrenholme
Senior Member
 
Registered: Dec 2004
Location: Olympia, WA, USA
Distribution: Fedora, (K)Ubuntu
Posts: 4,151

Rep: Reputation: 330Reputation: 330Reputation: 330Reputation: 330
Note that you can also set up as many different groups as you wish, and make each user a member of as many different groups as appropriate for that user.

Then, in the /etc/sudoers file, you can give each group access, at whichever level is needed, to the specific programs appropriate for members of that group. Directory and file access is done by setting the ACLs on the directories and files, not in sudoers, but the use of group membership to control access is conceptually similar.

You might also want to look at the Security Enhanced Linux system.
 
Old 02-24-2013, 03:23 PM   #5
custangro
Senior Member
 
Registered: Nov 2006
Location: California
Distribution: Fedora , CentOS , Solaris 10, RHEL
Posts: 1,935
Blog Entries: 1

Rep: Reputation: 188Reputation: 188
Quote:
Originally Posted by swaggerlee View Post
HI , all

well lets take a scenario of 50 user under a domain controlled via AD(active directory)in win2003 server which we all know

Now what i need to know is how can i do the same with linux user..

In my office all are in admin user , now i hv to go individualy each and eveyone configure there password and all

i want to manage via domain but in linux not in windos 2003 server

plzz assist me step by step how to proceed so that my users wont use in ADMIN mode rather work in simple user mode..
Take a look at IPA - http://freeipa.org
 
Old 02-24-2013, 04:29 PM   #6
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,118

Rep: Reputation: 315Reputation: 315Reputation: 315Reputation: 315
FreeIPA looks like a good solution, but for something a little more lightweight you can just use a regular OpenLDAP install (possibly combined with Kerberos if you really need single sign on). Through the ppolicy overlay, OpernLDAP can handle many different types of password policies as may be found for AD users. It also has nice replication capabilities for fault tolerance and redundancy.
 
Old 02-24-2013, 10:30 PM   #7
swaggerlee
Member
 
Registered: Jul 2012
Location: India,Kolkata
Distribution: fedora,ubuntu
Posts: 35

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bigrigdriver View Post
You and your users should be using the sudo command. You login as normal user. When you need to perform an admin task, you use the sudo command to invoke root privilege to perform a task.

Set up the file /etc/sudoers to give the users root authority. You can name each user to have that authority in order to control who can use sudo.

Use your brower to search the web for more info. You will find much discussion on the topic of sudo and setting up the sudoers file.
@ bigrigdriver but all my user are not using linux (fedora 14) as some of them are using linux some are using windows xp

my linux user are using in USER mode but xp user are in ADMIN mode i want all in one single central server controll by linux
 
Old 02-24-2013, 10:54 PM   #8
swaggerlee
Member
 
Registered: Jul 2012
Location: India,Kolkata
Distribution: fedora,ubuntu
Posts: 35

Original Poster
Rep: Reputation: Disabled
one more information i would like to share that i want this centrally managed server setup in ubuntu i.e. ubuntu server
 
Old 02-24-2013, 11:00 PM   #9
EDDY1
LQ Addict
 
Registered: Mar 2010
Location: Oakland,Ca
Distribution: wins7, Debian wheezy
Posts: 5,678

Rep: Reputation: 514Reputation: 514Reputation: 514Reputation: 514Reputation: 514Reputation: 514
Quote:
@ bigrigdriver but all my user are not using linux (fedora 14) as some of them are using linux some are using windows xp

my linux user are using in USER mode but xp user are in ADMIN mode i want all in one single central server controll by linux
Once you get the server online their permissions will change, as you will be setting up permissions for the active users.

Last edited by EDDY1; 02-24-2013 at 11:01 PM.
 
  


Reply

Tags
domain, linux, server, windows


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SAMBA as PDC on SLES 10.2 - Error when Users on Windows Client try to change password santorix80 Linux - Enterprise 0 10-11-2010 04:12 AM
Linux Domain Controller for centralized password managment - is anyone doing this? Echo Kilo Linux - Server 5 11-16-2007 02:21 AM
Cross Platform Password Managment njdube Linux - Security 2 05-24-2006 07:20 PM
Windows network managment tools agallant General 0 02-07-2005 10:15 AM
Windows-based remote users ned to change password ooorah Linux - Security 5 10-13-2004 05:57 PM


All times are GMT -5. The time now is 02:05 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration