[ILUG] LDAP for UNIX authentication

Mon Feb 19 18:25:52 GMT 2001

Hi David,

Yes, I'm currently doing it with Solaris authenticating to Netware (NDS8)
using PAM LDAP/NSS LDAP and intend to do it with Linux shortly. You need to
enable as much caching as you can on the client side (on solaris this is nscd,
dunno on HP). I'd try and avoid using any NIS to LDAP gateways and instead get
the unix box to bind to the LDAP server directly, this leaves you flexibilty
to move away from crypt(). I'd also try and have the directory server close to
the client box, lags etc. aren't going to help matters.

 From a user management point of view it's a dream (I'm using perl-ldap to
manage all users), finding PAM aware applications may be a problem though,
depending on what you're looking to do with the server when finished (I am
assuming that HP are sensible and support this using PAM!).

Best of luck with it,

Fergus.

"HAMILTON,DAVID (HP-Ireland,ex2)" wrote:

> Hi All,
>
> Has anyone used an LDAP server to serve UNIX authentication requests?
> Any opinions, fears, perks?
> I am about to replace a NIS+ config with Netscape Directory Server and HP's
> LDAP/UX.
>
> Thanks,
>     David.
>          _/                     David Hamilton
>        _/                       Technical Consultant
>      _/_/_/  _/_/_/     HP Consulting
>    _/   _/  _/   _/        HP Ltd
>  _/  _/  _/_/_/          Telnet: 6158320
>           _/                    Ph:  +353 (1) 6158320
>         _/                      Mob: +353 (86) 8158320
>    i  n  v  e  n  t          Email   david_hamilton at dub.exch.hp.com
>
> --
> Irish Linux Users' Group: ilug at linux.ie
> http://www.linux.ie/mailman/listinfo/ilug for (un)subscription information.
> List maintainer: listmaster at linux.ie

--
Eolach - Ireland's leading Open Source consultancy
web: www.eolach.com     email: info at eolach.com
tel: (+353) 1 874 0510  fax:   (+353) 1 874 0515