[CLUE-Tech] LDAP
Jeremiah Stanley
miah at miah.org
Mon Jan 14 17:16:48 MST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> I need some really good resources on LDAP. The presentation was very
> cool, but only scratched the surface. I am looking at using it for an
> authentication system for multiple systems on multiple platforms. We
> are trying to decide whether to finish a partial and very not working
> custom in-house solution that someone else started, or scrap it and
> put in LDAP. Or.... a combination of the two (store the data LDAP,
> but have a custom app check it)
http://www.redhat.com/docs/manuals/linux/RHL-7.2-Manual/ref-guide/s1-ldap-additional-resources.html
Theres a link to what I've used pretty successfully to implement LDAP
Auth on some RH 7.x systems that I have running. It was painful, but the
integration with Sendmail was a breeze.
It is highly recommended that you setup kerberos as well.
> Session hijacking is a real concern on the web apps, and this system
> needs to be useable for network logons, windows fat client logons,
> databse logons, etc.
The windows logins would be your only problem. Samba is starting to have
hooks into using LDAP for auth but I would put it about a half a year off
before it is anywhere near production quality. And if any of your apps can
use PAM authentication then you are already set as PAM works great on my
servers for FTP and user authentication. (I'm using Proftpd BTW).
JStanley
- --
Give a man a match, and he'll be warm for a minute, but set him on fire, and
he'll be warm for the rest of his life.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8Q3TyAd8Nj1SHkdcRAlIGAJ9c8u/KBUhHopySZHZVTHqYSTGjtACfQJwf
9jCv/Mh25CF0C2lZ/GXiaqE=
=r8kS
-----END PGP SIGNATURE-----
More information about the clue-tech
mailing list