Re: Centralized user management: what is best?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mauro Condarelli wrote:
> Hi,
> I have a small (<8 hosts) lan with mixed Linux (debian) and winXP hosts.
> Up to now I managed the debian hosts manually (copying /etc/passwd, /erc/groups, ..., manually), but that is a real pain.
> I did recently suffer a severe breakdown so I reinstalled most of the machines.
> At this point I would like to setup some centralized way to manage the whole network.
> I would like to manage:
> - users (<20)
> - file servers (2)
> - printers (3)
> - firewall (ADSL, fixed IP, currently managed with shorewall/webmin)
> - mail (currently on a separate host, but I plan to move it to the firewall)
>
> In the past I used NIS, but that is UNIX-only.
> I know there's OpenLDAP, but I never used it.
> Probably some other package is available.
>
> Question is:
> Given the needs, what is the "best" solution?
> Should I bother at all? (the main reason I want to install some management is that I began having a lot of permission problems when I moved hard disks from one host to another; I know how to fix them, but I would like to avoid re-doing all that next time...).
> Can someone point me in the right direction? I would like to avoid false starts.
>
>
> Thanks in Advance
> Mauro
>
>
A year ago, I was in the same boat as you..... I now have all my Linux machines
authenticating to OpenLDAP database, and all my Windows machines authenticating
to a Samba domain, which is using the same LDAP db as it's backend. It took a
lot of work and a lot of how-to reading, but I finally made it ;)
I started small, just getting the LDAP database working. I then went on to
figure out how to use PAM, nsswitch, et al, to auth my linux workstations to ldap.
Finally I got my Samba server working as a Windows domain, and using LDAP. It
was a long road, but worth it, and I now have much more knowledge of the subject.
Contact me if you want my pertinent config files.
Good Luck :)
- --
- --------------------------------------------------------------------------------
Always leave room to add an explanation if it doesn't work out.
Saturday Jan 14, 2006
- --------------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQEVAwUBQ8knea3rZxntQpytAQKz9ggAipnK/tEURCbQ084vWpmR+NXydR+0Nu+R
imETzIojoKfOQDzH6PqdbY3irePxwvgbHUWy+Pzxw2peBWpYbwe8QC/ClzWn/9n/
qn9IN//MYHKhIKVUsfkNO7KFtubk8l6osQb/C2PAQjNOJrjFJ1a7QVm3pNluTlVj
vpxndt58KDQgwBVNZ2KVy/2BE9zU0dIDZAhDAHf8O73KfuV/6VHqnhGljcknUs6K
oek0Nc7GcTC46VUEc59n5zvtybbTNOJKfuOikdlHrFdN8pkdN/sbsz8knMKfSAHz
BYcO/Uewplmv5Uzd8mtGkAEQpAeawW//pC70L1FLVt787gg3JO+Dqw==
=Jvbe
-----END PGP SIGNATURE-----
Reply to: