LDAP for central authentication?
Derek Atkins
warlord-DPNOqEs/LNQ at public.gmane.org
Thu Dec 3 13:29:55 EST 2009
David Rosenstrauch <darose-prQxUZoa2zOsTnJN9+BGXg at public.gmane.org> writes:
> I can't speak to integrating LDAP with the specific systems you're using
> (i.e., NIS, and Samba). But we recently set up LDAP authentication for
> a bunch of our internal systems (Subversion, Trac, Nagios, etc.) and
> it's worked out well so far.
>
> We used OpenLDAP. And for the password length / complexity we used a
> combination of 2 things:
>
> 1) the OpenLDAP password policy overlay (see:
> http://linux.die.net/man/5/slapo-ppolicy)
>
> 2) the OpenLDAP pwdChecker library from the LDAP Tool Box project (see:
> http://ltb-project.org/wiki/documentation/openldap-ppolicy-check-password)
>
> Between the two of them, they were able to meet our password complexity
> requirements.
>
> HTH. Feel free to email back on or off list if you have questions.
What tool(s) do you use for account creation/destruction/manipulation
etc within the LDAP DB? The tools I've found can be used for initial
setup but I haven't figured out how to perform ongoing maint. (Granted,
I haven't looked very hard).
> DR
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord-DPNOqEs/LNQ at public.gmane.org PGP key available
More information about the Discuss
mailing list