centralized authentication fedora/ubuntu/win7?

onthetee · 06-14-2011, 07:03 PM

Is it possible/advisable to have centralized authentication across fedora 14, ubuntu 10.04, and win7 machines? I'm attempting to use 389 Directory Server on Fedora as the repository and not getting very far. Any tips? thanks.

Tinkster · 06-15-2011, 11:49 AM

Hi, welcome to LQ!

The first tip will have to be: can you please qualify "not getting
very far"? What have you done, what's the problem you encountered?

Cheers,
Tink

szboardstretcher · 06-16-2011, 03:07 PM

You could read up on NIS...

http://www.yolinux.com/TUTORIALS/NIS.html

onthetee · 06-17-2011, 03:17 PM

I don't believe NIS is where I want to go, but here is my setup:
A Fedora 14 server, a Ubuntu 10.04 desktop, a Fedora 14 laptop, and several Win7 Home desktops (no Win Server yet).

I've installed 389 Directory Server on the Fedora 14 box and can issue ldapsearch -x from the Ubuntu box with success.
I'd like to have single user logon at any of the above boxes and have common password enforcement policy and privileges.
I believe this will involve configuring pam modules and more?

Tinkster · 06-17-2011, 05:18 PM

On the linux machines changing nsswitch to do "file ldap" for
password & group (make sure the users don't have local entries,
or switch the order around!) and editing /etc/ldap.conf to point
at your server should be a good starting point, you will indeed
need the pam_ldap modules as well, and point system-auth at
ldap ....

chrism01 · 06-19-2011, 11:14 PM

This LDAP HOWTO may help http://www.linuxhomenetworking.com/w...DAP_and_RADIUS Ignore the RADIUS stuff