how to controll users and password managment like AD in windows as in linux
HI , all
well lets take a scenario of 50 user under a domain controlled via AD(active directory)in win2003 server which we all know Now what i need to know is how can i do the same with linux user.. In my office all are in admin user , now i hv to go individualy each and eveyone configure there password and all i want to manage via domain but in linux not in windos 2003 server plzz assist me step by step how to proceed so that my users wont use in ADMIN mode rather work in simple user mode.. |
You and your users should be using the sudo command. You login as normal user. When you need to perform an admin task, you use the sudo command to invoke root privilege to perform a task.
Set up the file /etc/sudoers to give the users root authority. You can name each user to have that authority in order to control who can use sudo. Use your brower to search the web for more info. You will find much discussion on the topic of sudo and setting up the sudoers file. |
The Linux LDAP client can be configured to use active directory.
Reference: http://www.cyberciti.biz/tips/authen...directory.html And there are a lot of options for distributed patch/update management - cfengine for one. |
Note that you can also set up as many different groups as you wish, and make each user a member of as many different groups as appropriate for that user.
Then, in the /etc/sudoers file, you can give each group access, at whichever level is needed, to the specific programs appropriate for members of that group. Directory and file access is done by setting the ACLs on the directories and files, not in sudoers, but the use of group membership to control access is conceptually similar. You might also want to look at the Security Enhanced Linux system. |
Quote:
|
FreeIPA looks like a good solution, but for something a little more lightweight you can just use a regular OpenLDAP install (possibly combined with Kerberos if you really need single sign on). Through the ppolicy overlay, OpernLDAP can handle many different types of password policies as may be found for AD users. It also has nice replication capabilities for fault tolerance and redundancy.
|
Quote:
my linux user are using in USER mode but xp user are in ADMIN mode i want all in one single central server controll by linux |
one more information i would like to share that i want this centrally managed server setup in ubuntu i.e. ubuntu server
|
Quote:
|
All times are GMT -5. The time now is 03:49 AM. |