How do you authenticate centrally?

spectre_25gt · 03-19-2006, 11:21 AM

My first real experience setting up services on *nix systems was OS X. I got a bit spoiled with the way things are set up. The best thing that I found about it was that there weren't separate password databases for every program that needs authentication. I don't like the idea of keeping multiple databases like that because it seems too easy for things to become confused.

I've been looking into LDAP authentication, but I don't know whether I'm heading in the right direction.

Any ideas?

crimsontide · 03-19-2006, 03:05 PM

See if NIS+ is what you are after.

timmeke · 03-22-2006, 07:11 AM

LDAP can be a good choice too, if I'm not mistaken.

Otherwise, use PAM to simplify authentication to many applications, including standard logins.
But that's just for authentication on one host, not centrally on a server (like NIS+ or LDAP).

sundialsvcs · 03-22-2006, 08:39 AM

There are books on that subject ... and many of them are on-line. Start by searching for LDAP, look at the OpenLDAP web-site, and follow the various "References" links. Also check out the various Wikipedias, here and elsewhere.

The essential idea is that authentication occurs through a central server (or distributed network). PAM (Pluggable Authentication Modules) is the customary Linux mechanism for interfacing to it, since PAM can handle authentication generically for any application that's aware of PAM. (The applications "just ask PAM," and PAM asks LDAP or whatever.)

spectre_25gt · 03-23-2006, 04:21 PM

Awesome. PAM Sounds like what I'm looking for. Thanks for the tips everyone!

Btw, I have a book on LDAP coming to me soon as well.

~=gr3p=~ · 03-26-2006, 07:02 AM

NIS+ sux LDAP rox

!

http://directory.fedora.redhat.com/wiki/Main_Page