 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
> Someone at the company suggested LDAP, which is currently in place for only > one app (imapd). Where should I begin to learn about Unix PAM, LDAP, and > Micro$oft directory services? LDAP is a good start. For the Linux part, a lot of the integration can be done using the pam ldap module. The Linux software you mention (openssh, imap, pop, samba) should be able to use pam for authentication. There are replacements for the Windows 2k authentication that will work with Linux LDAP servers (pgina.xpasystems.com I think). I think recent versions of Samba make a decent domain controller. There have been some limitations (e.g. interactions with Exchange servers... ) this may be fixed in more recent versions, or it may not matter to you. A couple other systems to consider for single signon are Radius and Kerberos. Radius is nice in particular if you are looking for something that supports strong authentication (e.g. Cryptocard). But these solutions are usually a bit pricy and may be overkill for a small company (count on $50-$100 per user). -- CTO SANS Internet Storm Center http://isc.sans.org phone: (617) 786 1563 fax: (617) 786 1550 jullrich at sans.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.blu.org/pipermail/discuss/attachments/20031127/4774ef70/attachment.sig>
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
