April 24, 2019

Use Fedora Directory Server For Manageable LDAP (Part 1) - page 3

What Is LDAP?

  • August 28, 2006
  • By Carla Schroder
One of the biggest dreams of network admins is cross-platform single-sign-on authentication that is not a nightmare to administer. On a Unix-based network--Linux, the BSDs, Mac OS X, commercial Unixes--no sweat. Throw Windows into the brew and suddenly what should be a fundamental operation that works the same everywhere becomes a big fat pain. With an FDS backend, the obnoxious becomes tolerable. Samba has long supported using an LDAP backend. If you've resisted using Samba + LDAP because it looked too difficult, try it with FDS. Samba's default tdbsam database doesn't scale up for large deployments very well, and maintaining duplicate Samba/Unix user account stores is a useless duplication of effort. And don't forget that LDAP is the universal network backend, or very nearly so, so once you figure it out it solves a lot of problems.

Another option is to add the excellent pGINA to the brew. This replaces the Windows login manager with its own login manager that allows Windows clients to authenticate against whatever server you jolly well want them to. So you can easily add some Windows hosts to a Linux or Mac OS X LAN without Samba.

Next week we'll construct a simple authentication backend, which can be used with Samba, or any other way you like.


This article originally appeared on Enterprise Networking Planet, a JupiterWeb site.

Most Popular LinuxPlanet Stories