User administration
Can anyone recommend a good tool - or the best tool, preferably :) - for setting up and managing several hundred user names, passwords, home directories, samba passwords - the usual school user admin stuff. Cheers -- Phil Driscoll
On Thu, 6 Dec 2001, Phil Driscoll wrote:
Can anyone recommend a good tool - or the best tool, preferably :) - for setting up and managing several hundred user names, passwords, home directories, samba passwords - the usual school user admin stuff.
Finding one of these is on our ToDo list, so I would be interested in any suggestions. We will need something that supports storing the user database in an LDAP directory with authentication provided by Kerberos, since this is the direction we are taking in the interests of eliminating a single point of failure. Anyone know of anything suitable? (Apart from the Win2K Active Directory tools!) Michael
Finding one of these is on our ToDo list, so I would> be interested in any> suggestions. We will need something that supports> storing the user> database in an LDAP directory with authentication> provided by Kerberos,> since this is the direction we are taking in the> interests of eliminating> a single point of failure. Anyone know of anything> suitable? (Apart from> the Win2K Active Directory tools!)Not an answer, but a question:What is the difference (advantages, disadvantages, and purpose) of LDAP when compared to NIS, or are the things for different jobs? Which is better, and why? Or have I misunderstood. Where does Kerberos fit in?As you can tell, I've run a Linux server for Windows clients, but never actually pieced together a Linux network of scale.Ta--Matt
--------------------------------- Do You Yahoo!? Send your FREE holiday greetings online at Yahoo! Greetings.
On Thu, 6 Dec 2001, Matt Johnson wrote:
Not an answer, but a question:What is the difference (advantages, disadvantages, and purpose) of LDAP when compared to NIS, or are the things for different jobs? Which is better, and why? Or have I misunderstood. Where does Kerberos fit in?As you can tell, I've run a Linux server for Windows clients, but never actually pieced together a Linux network of scale.
NIS is annoyingly dead - very little development work seems to take place on it. This is one major drawback. LDAP is somewhat more comprehensive than NIS: an LDAP directory can contain information such as phone numbers and concepts of departments or other groupings. LDAP can be used as a source for e-mail address books. LDAP stores the user information; Kerberos deals with password verification. (This is a huge over-simplification.) Kerberos allows for single sign-on in a network of mutually suspicious users and computers via the use of a trusted third party. Win2K uses LDAP and Kerberos, and this is one of the areas in which I think MS have made a good decision (although I deplore the "embrace and extend" approach they are applying to Kerberos). HTH, Michael
participants (3)
-
Matt Johnson -
Michael Brown -
Phil Driscoll