Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 21 Jan 2002 22:52:13 -0700
From:      Chris Fedde <chris@fedde.littleton.co.us>
To:        "Jon Larssen" <jonlarssen@hotmail.com>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: Long user names 
Message-ID:  <200201220552.g0M5qD824680@fedde.littleton.co.us>
In-Reply-To: <F587MiUgjLuN4joBHCh0000cb70@hotmail.com> 

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 22 Jan 2002 03:49:44 +0000  "Jon Larssen" wrote:
 +------------------
 | Hello,
 | 
 | I've been charged with the implementation here at my company of a 
 | company-wide single-sign-in (or login), much like MS Passport is. The 
 | problem is that the designers decided to use the "global" usernames of the 
 | form <user>@<domain>. For instance, my network username would be:
 | 
 |     jon@noc.example.com
 | 
 | PS. How is this related to FreeBSD? Because in a couple of FreeBSD servers 
 | we'll have the company-wide user directory (replicated LDAP), email services
 +------------------

A little bit of digging shows that pam_ldap is available for FreeBSD
and that the configuration file supports some significant means of
customizing both the search base and the uid= filter.  It is
tied to the standard posixAccount ldap schema.

Also, keep in mind that most users will not need or want login accounts
to the directory or email servers. Infact in most cases it
would be a bad idea to permit your average user to have shell login to
these nodes.  In those cases special priveleges are required.

--
    Chris Fedde

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201220552.g0M5qD824680>