Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Directory for user authentication?

I haven't seen much discussion of this topic here, but I'd love to share info
about setting up single-signon capability for a small company.  Today the
company lives with a less-than-acceptable solution:  files are read/write to
anyone (the equivalent of handing root out to the whole staff), and various
apps that require usernames are configured separately with no attempt to
synchronize passwords.

I proposed using Samba as the authenticator because I know how it works, and
can get it tied in with NIS.  But the world's gone Microsoft so that may not
be the best solution (Microsoft has various annoying client-license
restrictions which prevent Samba from being what I want it to be).

I want to present the company with a single application that can authenticate
from a master user list the following apps:

 windows login
 smb shares
 Apache httpd (in lieu of those annoying .htpasswd files)

Someone at the company suggested LDAP, which is currently in place for only
one app (imapd).  Where should I begin to learn about Unix PAM, LDAP, and
Micro$oft directory services?  Is the state of the art in this technology just
as much of a mess as it was when we contemplated this at ShoreNet 3 or 4 years
ago?  Is this a 6-month ordeal, or can it be done in a matter of a week of
downloading/rebuilding apps?


BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /