Re: We need centralized accounts -- Any docs for ldap passwords?
> > libpam-ldap will allow password change. The rest have to be done
> > manually (or through some customized software. I am considering
> > Ganymede.) Although there is a nice package pam-mkhomedir that will
> > automatically create homedirs (and copy /etc/skel stuff) if it does
> > not exist.
>
> Where can I find that script?
It is a package in potato.
> I think we're going to go with ldap, so I'm going to have to figure
> out how we want to handle adding/deleting users, etc. I suppose I'll
> just whip up some scripts, but I wouldn't mind having a good one as a
> reference.
Yea, I am in exactly the same situation as you are. And I am looking at a
good way to administer the users etc. Unfortunately, I can't find a
working solution (or one requiring minimal changes). What I gathered so
far:
- Ganymede: java based administration tool, keeps its own database, would
require you to buid your own classes to upload to LDAP. I have not been
able to make Ganymede work so far;
- Webmin: perl based cgi scripts. LDAP stuff has to be done from scratch;
- linuxconf has a ldapconf module. Very early in the development and so
far mostly deals with configuring slaps instead of administering the
users. Did not manage to test it (guess need more time to play with
linuxconf)
> First I need to look in to ldap and see what the tools are
> for editing the database from the command line (if that's possible).
Sure. There are utilities to do everithing (search, change, add, etc.)
They are part of openldap-* packages. There is also very convenient "gq"
(also in patato) which allows you to brows you directory and add/modified
entries (though not suitable for real administration).
Keep me informed of your findings.
Sergey.
Reply to: