Guy Van Sanden wrote:
Hello
I'm searching for a (secure) way to have a central authentication service on Linux. Much like the M$ PDC setup, but properly implemented ;-)
I tried NIS, it provides the central administration, but has a number of shortcommings. One is that logins are not logged on the NIS server, but on the local machine, because the maps are distributed. NIS also sends passwords cleartext, so that's also a problem.
Does anyone know better ways to do this? Can LDAP do this? and has anyone successfully set it up?
Yes, LDAP can do it, and it's the Right Way. It's not easy to set-up, not speaking technically-wise, but on the more high level stuff: comprehending how it works, deciding which schema to use etc. For a small implementation (few users, very small organization), it shouldn't be very hard, though. People have had success with it. I, for one, will have to start implementing LDAP soon. So far, I only gathered the background information. -- Silviu Marin-Caea Systems Engineer Linux/Unix http://www.genesys.ro Phone +4093-267961