Re: [389-users] Migrating to LDAP authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Sean Carolan wrote:
>> It's not clear to me what OS/distribution you're doing this on, but for
>> the most part we have cfengine run authconfig on our Red Hat boxes to
>> set up the basic LDAP auth (it's a one-liner if done that way), and then
>> push around the sshd_config file.
>>     
>
> We have a combination of centos and Red Hat servers, so the authconfig
> should work just as you mentioned.  Mind if I ask which action you
> used in your cfengine policy to do this?
>   

No problem... ours is under shellcommands, and looks something like this:

role_ldap_clients::
    "/usr/sbin/authconfig --enableldap --enableldapauth --enablecache 
--ldapserver=ldaphost --ldapbasedn="dc=example,dc=com" --enableldaptls 
--disableshadow --kickstart"

Incidentally, that may also answer your other question about how to 
disable local shadow file passwords.
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux