
BLU Discuss list archive



Directory for user authentication?



I haven't seen much discussion of this topic here, but I'd love to share info
about setting up single-signon capability for a small company.  Today the
company lives with a less-than-acceptable solution:  files are read/write to
anyone (the equivalent of handing root out to the whole staff), and various
apps that require usernames are configured separately with no attempt to
synchronize passwords.

I proposed using Samba as the authenticator because I know how it works, and
can get it tied in with NIS.  But the world's gone Microsoft so that may not
be the best solution (Microsoft has various annoying client-license
restrictions which prevent Samba from being what I want it to be).

I want to present the company with a single application that can authenticate
from a master user list the following apps:

 sshd
 imapd
 windows login
 smb shares
 MySQL
 bugzilla
 cvs
 Apache httpd (in lieu of those annoying .htpasswd files)

Someone at the company suggested LDAP, which is currently in place for only
one app (imapd).  Where should I begin to learn about Unix PAM, LDAP, and
Micro$oft directory services?  Is the state of the art in this technology just
as much of a mess as it was when we contemplated this at ShoreNet 3 or 4 years
ago?  Is this a 6-month ordeal, or can it be done in a matter of a week of
downloading/rebuilding apps?

-rich





BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org