I am not a network configuration expert, so this question of mine will probably look stupid to more than one forumer...
I think I've understood how to create a Linux LAN with N boxes and file/folder sharing: in all the boxes I define the same N users (useradd...) and appropriate groups, enable the nfs daemon, export the desired folders and mount them (not in the same computer...) in fstab. As an alternative I could use the Samba service (by the way, which of the two is better?). Am I wrong?
Anyway, I would like to know how I can obtain an equivalent setup without having to define all LAN users on all machines. In other words, I would like to obtain a situation similar to the one I've seen in a Windows Domain Environment, where a central server is managing all LAN users' login and passwords. Particularly, I'd like to understand the way in which permissions can be managed when the LAN users are NOT defined with useradd in every single computer.
Thanks a lot to anyone who will have the patience to explain.
I used the O'Reilly LDAP book to build my first test LDAP account management environment. It walks through the entire process, step by step, letting you build a working example of what you need.
I wrote a Perl program to add/modify/delete entries in our login account/group database, and another to manage the sendmail aliases database, all of which is stored on a pair of replicated OpenLDAP servers.
The only thing I did differently than the LDAP book is to use SSL/TLS certificate authentication/encryption, so passwords aren't flying across the net in plain text and spoofing our LDAP servers is much harder.
The only problem I've run into with using LDAP accounts is that the stable CVS network daemon doesn't support LDAP accounts (yet), and there is a bug in SUDO with LDAP accounts, which I reported and is apparently fixed in the next release.
Oh, and the steep learning curve. Learning LDAP from scratch can be brutal.
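The reply above names two risks of running LDAP logins without TLS: passwords crossing the network in plain text, and clients accepting a spoofed server. The following is an added example, not part of the original posts: a small audit of an OpenLDAP client `ldap.conf` that flags the settings behind each risk. The hostnames, paths and both sample files are constructed, and `audit_ldap_conf` is a hypothetical helper name.

```python
# Added example: audit an OpenLDAP client ldap.conf (see ldap.conf(5)).
# An ldap:// URI is only safe if the client negotiates StartTLS, which this
# file cannot prove, so it is flagged for review rather than declared broken.

WEAK_REQCERT = {"never", "allow", "try"}  # anything short of demand/hard

def audit_ldap_conf(text):
    """Return a list of (line_number, finding) for settings that weaken TLS."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        parts = line.split(None, 1)
        key = parts[0].upper()  # option names are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "URI":
            for uri in value.split():
                if uri.lower().startswith("ldap://"):
                    findings.append(
                        (no, f"{uri}: no TLS at connect; bind password is "
                             "sent in clear unless StartTLS is used"))
        elif key == "TLS_REQCERT" and value.lower() in WEAK_REQCERT:
            findings.append(
                (no, f"TLS_REQCERT {value}: server certificate is not "
                     "strictly verified, so a spoofed server can be accepted"))
    return findings

# Constructed sample: cleartext URI and certificate checking switched off.
WEAK_CONF = """\
# constructed sample
BASE dc=example,dc=internal
URI ldap://ldap1.example.internal ldaps://ldap2.example.internal
TLS_REQCERT never
"""

# Constructed sample: TLS on every server, certificate verified against a CA.
HARDENED_CONF = """\
BASE dc=example,dc=internal
URI ldaps://ldap1.example.internal ldaps://ldap2.example.internal
TLS_CACERT /etc/ssl/certs/example-ca.pem
TLS_REQCERT demand
"""

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_ldap_conf(conf) or "no findings")
```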