LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   LDAP Authentication Understanding (https://www.linuxquestions.org/questions/linux-networking-3/ldap-authentication-understanding-515672/)

metallica1973 01-02-2007 02:45 PM
LDAP Authentication Understanding
 
I need a better understanding on how linux, shares its resources and controls account authentication in one central location like how Active Directory authenticates windows users and network resources? What I want to due is setup LDAP, SAMBA and LAM for windows and linux authentication in one central location! Also can NIS due all of this or is LDAP the preferred method?

btmiller 01-02-2007 03:17 PM
LDAP is just a database specification. However, LDAP databases are very flexible and can hold a variety of different information, including authentication information. A *nix system authenticates users to an LDAP database the same way it would authenticate against any other database such as /etc/passwd + /etc/shadow. Most systems use PAM for authentication, so you only need to activate the requisite PAM module for LDAP. In some cases you might also have to edit /etc/nsswitch.conf to make the system use that service. Since Active Directory is just a variant on LDAP it is possible for Windows and *nix systems to authenticate off the same source. I've never personally set it up but have talked to people who have.

NIS is a database like LDAP, but it's a less secure protocol for a variety of reasons. Still it's quite popular on small networks of trusted machines protected behind a good firewall, mostly because it is extremely simple to set up. I believe a Windows system (at lease server 2003) can use NIS for authentication using some of the Services for Unix stuff, however, IMO LDAP is probably the better way to go when dealing with Windows machines.

metallica1973 01-02-2007 08:11 PM
So if I setup LDAP it can authenticate *nix and windows users and then they can share network resources. Do you know of a decent HOW
TO on LDAP,SAMBA,and LAM?

jschiwal 01-02-2007 08:21 PM
Your distro list includes SuSE. SuSE supplies a samba-doc package that includes 3 Samba 3 books in both pdf and html form. Both the "Samba 3: Reference Guide & Howto" and "Samba 3 by Example" books contain information on using Samba and openLDAP. The package also supplies sample ldap configs and scripts.

The Samba books recommend becoming comfortable with setting up and using LDAP before implementing it with Samba. The examples are solely meant to replace AD, and if you rely on them you won't utilize the directory server as well as you could.

IBM has some Red Book publications on LDAP on the web.

metallica1973 01-02-2007 09:13 PM
many thanks


All times are GMT -5. The time now is 07:08 PM.