Hello all,

Just finished a release cycle and now I have time to do the network upgrades I'd like to do. The upgrade on my mind is centralizing all of the user accounts to one server much like MS's AD.. however Linux

The linux boxes connecting to a ldap server for logon information would be easier I imagine and I'd like to start off with trying it as a client first.

The Windows boxes - Server 2003 mostly, I'd simply like the accounts and their associated passwords be read off the ldap server.

I do have a fairly large share, but apache and samba can directly use ldap for authentication if I remember reading correctly. I looked a bit at freeipa, but what other wholesome systems are out there for this kind of migration and centralization?

Ideas? howtos would be greatly appreciated.

Ronnie

If you're looking for something that's easy to scale, and is supported very well, I'd certainly go with LDAP. Apache, Squid, and Samba can all authenticate via LDAP.

Tb0ne,

Indeed you are right, but I would like to have 15+ linux servers be all centrally authenticated against the ldap server like a domain. They are 3 different OS's and then I have 10+ Windoze 2003 servers that need to auth against it. Root passwords the same on each for example for the Linux boxes.

Nothing fancy, all of the Windows boxes can be local profiles and have local policies... I just want centralized accounts and passwords.

Using Fedora 8 and Fedora Directory I have the Linux clients talking to it for authentication.

I now want Windows authentication to the FDS, I read using pGina or Samba.. anyone else have ideas?

You might want to try zivios (http://www.zivios.org). Its a consolidated web panel and an n-tiered PHP-5 application. It uses MySQL and OpenLDAP as it's data store, with OpenLdap being the primary back end for identity management and application integration and MySQL being used for panel specific data. Check it out!

Back again,

I have a server 2003 box on my domain. From Swat I can login and change that machines Administrator account's password. However, on the server 2003 box I want to login with an account on the domain(samba) and not get a username or password is incorrect error.

Thanks,

Ron

My conf looks like this:

[global]
workgroup = AWESOMO
server string = Samba Server Version %v
passdb backend = tdbsam
time server = Yes
add user script = /usr/sbin/useradd "%u" -n -g users
add group script = /usr/sbin/groupadd "%g"
add machine script = /usr/sbin/useradd -d /dev/null -g samba-clients -s /bin/false -M %u
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
cups options = raw

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

http://www.heise.de/ix/meldung/Activ...n-1468714.html
http://www.univention.de/produkte/ucs/

sounds good - klingt aber gut. go samba go.