LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
LinkBack Search this Thread
Old 07-01-2007, 12:45 AM   #1
armandino
Member
 
Registered: Oct 2005
Posts: 72

Rep: Reputation: 15
Centralized user management


I am not a network configuration expert, so this question of mine will probably look stupid to more than one forumer...

I think I've understood how to create a Linux LAN with N boxes and file/folder sharing: in all the boxes I define the same N users (useradd...) and appropriate groups, enable the nfs daemon, export the desidered folders and mount them (not in the same computer...) in fstab. As an alternative I could use the Samba service (by the way, which of the two is better?). Am I wrong?

Anyway, I would like to know how I can obtain an equivalent setup without having to define all LAN users on all machines. In other words, I would like to obtain a situation similar to the one I've seen in a Windows Domain Environment, where a central server is managing all LAN users' login and passwords. Particularly, I'd like to understand the way in which permissions can be managed when the LAN users are NOT defined with useradd in every single computer.

Thanks a lot to anyone who will have the patience to explain.
 
Old 07-01-2007, 01:48 AM   #2
paulsm4
Guru
 
Registered: Mar 2004
Distribution: SusE 8.2
Posts: 5,863
Blog Entries: 1

Rep: Reputation: Disabled
Hi -

Windows Active Directory uses LDAP (we won't talk about obsolete stuff like LanManager or NetBIOS ;-)).

LDAP was invented on non-Windows platforms, is fully supported Linux, and is pretty much "out of the box" available on most distros:

You can learn more about LDAP here:
http://tldp.org/HOWTO/LDAP-HOWTO/

There are many other alternatives, too. but LDAP is probably your best bet...

'Hope that helps .. PSM
 
Old 07-01-2007, 10:19 AM   #3
armandino
Member
 
Registered: Oct 2005
Posts: 72

Original Poster
Rep: Reputation: 15
Thanks a lot.
 
Old 07-01-2007, 11:38 AM   #4
whistl
Member
 
Registered: May 2005
Location: USA
Distribution: Ubuntu, CentOS
Posts: 37

Rep: Reputation: 15
get the o'reilly ldap book

I used the O'Reilly LDAP book to build my first test LDAP account management environment. It walks through the entire process, step by step, letting you build a working example of what you need.

I wrote a perl program to add/modify/delete entries in our login account/group database, and another to manage the sendmail aliases database, all of which is stored on a pair of replicated OpenLDAP servers.

The only thing I did differently than the LDAP book is to use SSL/TLS certificate authentication/encryption, so passwords aren't flying across the net in plain text and spoofing our LDAP servers is much harder.

The only problem I've run into with using LDAP accounts, is that the stable CVS network daemon doesn't support LDAP accounts (yet), and there is a bug in SUDO with LDAP accounts, which I reported and is apparently fixed in the next release.

Oh, and the steep learning curve. Learning LDAP from scratch can be brutal.
 
Old 07-01-2007, 01:36 PM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,344

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
nothing to do with networking. moved to Linux - General.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Centralized user management armandino Linux - General 3 07-01-2007 10:19 AM
LXer: Configuration Automation & Centralized Management With Puppet on Ubuntu LXer Syndicated Linux News 0 03-04-2007 01:46 PM
LXer: Build a centralized log management and monitoring system LXer Syndicated Linux News 0 10-25-2006 01:24 AM
Centralized management of a small Linux network... linuxpyro Linux - Networking 3 08-24-2004 01:53 PM
help with user management... dawn_angel Linux - Distributions 0 08-18-2004 11:30 PM


All times are GMT -5. The time now is 06:51 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration