Date: Sat, 14 Jun 03 18:25:47 +0100 From: Lee Johnston <lee@wildcardinternet.co.uk> To: vezku@surfeu.fi, Marc Schoechlin <ms@LF.net> Cc: freebsd-isp@freebsd.org Subject: Re: enteprise account management Message-ID: <-1294203520.1055611547881@clevercactus.6488153> In-Reply-To: <20030614121049.GA57026@LF.net>
next in thread | previous in thread | raw e-mail | index | archive | help
I looked into the LDAP solution a while back... Basically you'll be fine using LDAP if the applications can query an LDAP directory directly, or via PAM using PADLs pam_ldap module. The problem comes when you need system accounts stored in an LDAP directory, as far as I know (or at least this was the case a few months ago) the nss_ldap module won't work with with FreeBSD Nameserver switch preventing alternative methods of storing system account details. Mind, someone did mention this was possible by recompiling the C library to use BIND IRS. Another solution maybe to use PADLs commercial NIS/LDAP gateway, so you have a replacement for an NIS server which queries an LDAP directory - http://www.padl.com/ Hope this helps, Lee. > -----Original Message----- > What`s about using OpenLDAP ? > > http://www.openldap.org/ > > With OpenLDAP you can: > > * store your user-accounts in a centralized > database > (replication is also possible) > * define your own attributes > (usernames, passwords, adresses, mail-aliases, > customer-data, > user-rights,....) > * program your own management-interfaces in many > > programming-languages > .... > > Many applications are able to use > LDAP-directories for authentification and > configuration - but there is also the possibility > to use the pam-ldap-module > to import the ldap-users as regular > system-users. > > There are also some gui- and web-based > management-tools available..... > (If you like this - look at freshmeat.net) > > Regards > > Marc Schoechlin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?-1294203520.1055611547881>