On 12/1/09 6:40 PM, "Alan McKay" <alan.mckay@xxxxxxxxx> wrote:

>> Take a look at documentation here:
>> http://directory.fedoraproject.org/wiki/Documentation
>
> I'll go through that again, thanks. I went through it a week ago but
> did not find anything too useful, but I'm further along now and a week
> is a long time when you are just starting out.

It will take time to learn LDAP as it is a huge topic. Here's a book I would recommend: LDAP System Administration by Gerald Carter (O'Reilly Publication)

>
>> To authenticate linux users, you will have to configure your client hosts
>> to ldap server by configuring /etc/ldap.conf
>> Which can be done using GUI/cmdline via authconfig-tui/authconfig --help
>
> Aha, this gives me a tidbit of what I'm looking for! Enough to
> probably find some good results with man pages and google! Thanks!

Google for "How to setup LDAP authentication" and there is a ton of info.

>
>> Look at Administration Guide
>> http://www.redhat.com/docs/manuals/dir-server/8.1/admin/index.html
>
> This I spent most of my day on today and as mentioned there is nothing
> really there for me on how to get clients working against this. Sure,
> lots of great detail on setting up every aspect of the server and
> stuff I'll have to come back to (e.g. multi-master replication,
> password expiry and such), but not a single thing in the whole guide
> on "here is how you get client XYZ to work with LDAP"

Again, setting up simple (basic) LDAP authentication is configuring ldap.conf and nsswitch.conf. But it is not sufficient, you have to make changes here and there to meet all your requirements.

>
>> Do they need local accounts too?
>> Local accounts are needed for root and other service accounts
>
> Cool
>
>> Local disks?
>> Not sure what this means
>
> If you do not have a local account, then where does your home dir come
> from? Must come from a network disk, no? But what if I want local
> disk, but authenticate through LDAP? Can I do that too? And if there
> is no local user, how do I chown files on the drive to that user?

Having a home directory is irrespective of where the account lives. You definitely need a local disk where your OS is installed, unless you are using Virtual machine and SAN storage. You can set PAM Module to create homedir on login and change to it (authconfig --enablemkhomedir).
http://www.mail-archive.com/seawolf-list@xxxxxxxxxx/msg03331.html

>
>> What about website? Wikis? All currently using htpasswd. How do I
>> convert those?
>> For websites, you can refer to Apache authentication via LDAP
>
> Will do - thanks!

-Prashanth

--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
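
An added example, not part of the thread: a small audit of the two client files the reply names, run after authconfig has written them. It assumes the nss_ldap/pam_ldap style of ldap.conf (directives uri, host, base, ssl, tls_checkpeer); the transport checks go beyond what the reply covers, and the host name and base DN are constructed.

```shell
#!/bin/bash
# Added example: audit the two client files named in the reply above.

# True if nsswitch database $2 (passwd, shadow, group) in file $1 lists ldap.
nss_uses_ldap() {
    grep -Eq "^[[:space:]]*$2:[^#]*[[:space:]]ldap([[:space:]]|\$)" "$1"
}

# Print the lower-cased value of directive $2 in ldap.conf-style file $1
# (assumption: each directive is set once; the first match is used).
ldap_conf_get() {
    awk -v key="$2" 'tolower($1) == key { print tolower($2); exit }' "$1"
}

# check_ldap_client <nsswitch.conf> <ldap.conf>
# Prints one finding per line; succeeds only when there are none.
check_ldap_client() (
    findings=0
    finding() { echo "$1"; findings=$((findings + 1)); }
    for db in passwd shadow group; do
        nss_uses_ldap "$1" "$db" || finding "nsswitch.conf: $db does not list ldap"
    done
    uri=$(ldap_conf_get "$2" uri)
    [ -n "$uri$(ldap_conf_get "$2" host)" ] || finding "ldap.conf: no uri or host"
    [ -n "$(ldap_conf_get "$2" base)" ] || finding "ldap.conf: no base DN"
    # Passwords cross the network on every login, so require LDAPS or StartTLS.
    case "$uri:$(ldap_conf_get "$2" ssl)" in
        ldaps://*|*:start_tls|*:on) ;;
        *) finding "ldap.conf: no ldaps:// uri and no 'ssl start_tls'" ;;
    esac
    [ "$(ldap_conf_get "$2" tls_checkpeer)" = yes ] ||
        finding "ldap.conf: tls_checkpeer is not yes"
    [ "$findings" -eq 0 ]
)

# Constructed sample files (not from the thread): plaintext bind, groups local only.
tmp=$(mktemp -d)
printf 'passwd: files ldap\nshadow: files ldap\ngroup: files\n' > "$tmp/nsswitch.conf"
printf 'uri ldap://ldap.example.test/\nbase dc=example,dc=test\n' > "$tmp/ldap.conf"
check_ldap_client "$tmp/nsswitch.conf" "$tmp/ldap.conf" || echo "client needs work"
rm -rf "$tmp"
```

On a real client the call is check_ldap_client /etc/nsswitch.conf /etc/ldap.conf.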