Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 11-29-2013, 12:47 AM   #1
Registered: Feb 2009
Distribution: Debian
Posts: 57

Rep: Reputation: 17
Question Centralized Authentication


I have few ec2 servers, under different aws accounts, I want to setup a method to control user accounts from a single point. Can I use RADIUS for that? Or LDAP?
Please help.
Old 12-02-2013, 10:32 AM   #2
Registered: Feb 2008
Distribution: Fedora,RHEL,Ubuntu
Posts: 661

Rep: Reputation: 66
I think LDAP is good to store users and there credentials at centralized location.
1 members found this post helpful.
Old 12-02-2013, 01:31 PM   #3
LQ Guru
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,513
Blog Entries: 4

Rep: Reputation: 2955Reputation: 2955Reputation: 2955Reputation: 2955Reputation: 2955Reputation: 2955Reputation: 2955Reputation: 2955Reputation: 2955Reputation: 2955Reputation: 2955
Typically, LDAP (nee Microsoft OpenDirectory) is used for this purpose. Other technologies like Radius and Kerberos can be used, but LDAP is by far the most common. There are hundreds of thorough articles on the Internet that show you exactly how to do it.

Basically ... "in even a small office with Windows machines, say, or Macs, or machines of any type at all, you quickly discover the need to manage ... not only login-credentials, but arbitrary attributes of those users, from one central location." There's simply no other practical way to do it. LDAP has become the de facto standard for doing that, and Microsoft's management-console happens to be a very good tool. You simply arrange for the Linux boxes to conform to that, which they can very easily do.

Integration with LDAP usually happens in many other ways. Web-servers such as Apache or nginix can query to find out whether access should be granted to a particular user. A user can "log in" (using LDAP-validated credentials), and then find that this login is also seamlessly recognized by other intranet web-pages that he might visit. And, if those pages are driven by CGI-code of any sort, those CGI handlers can also seamlessly query those (trustworthy ...) credentials, thus creating a very smooth "single sign-on" user experience.

All of this stuff is "already invented," and is cross-platform between Windows, Linux, OS/X, and even mainframes. You might not have encountered it yet, if you haven't had five thousand computers and laptops to manage yet ... ... but you'll love it, when you do.

Last edited by sundialsvcs; 12-02-2013 at 01:38 PM.
1 members found this post helpful.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
centralized authentication fedora/ubuntu/win7? onthetee Linux - Newbie 5 06-19-2011 11:14 PM
Centralized authentication for existing network. Possible? How? a2brute Linux - Networking 4 06-16-2010 02:42 PM
Centralized authentication - two hurdles flv7a Linux - Software 5 08-03-2007 11:48 AM
centralized authentication - OS? setup? jantman Linux - Networking 1 07-13-2006 07:31 AM
Centralized Authentication banzai_slr Linux - Security 0 05-05-2005 03:45 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:48 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration