-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Clive Menzies wrote: > On (14/01/06 11:31), Jay Zach wrote: > >>-----BEGIN PGP SIGNED MESSAGE----- >>Hash: SHA1 >> >>Mauro Condarelli wrote: >> >>>Hi, >>>I have a small (<8 hosts) lan with mixed Linux (debian) and winXP hosts. >>>Up to now I managed the debian hosts manually (copying /etc/passwd, >>>/erc/groups, ..., manually), but that is a real pain. >>>I did recently suffer a severe breakdown so I reinstalled most of the >>>machines. >>>At this point I would like to setup some centralized way to manage the whole >>>network. >>>I would like to manage: >>>- users (<20) >>>- file servers (2) >>>- printers (3) >>>- firewall (ADSL, fixed IP, currently managed with shorewall/webmin) >>>- mail (currently on a separate host, but I plan to move it to the firewall) >>> >>>In the past I used NIS, but that is UNIX-only. >>>I know there's OpenLDAP, but I never used it. >>>Probably some other package is available. >>> >>>Question is: >>>Given the needs, what is the "best" solution? >>>Should I bother at all? (the main reason I want to install some management >>>is that I began having a lot of permission problems when I moved hard disks >>>from one host to another; I know how to fix them, but I would like to avoid >>>re-doing all that next time...). >>>Can someone point me in the right direction? I would like to avoid false >>>starts. >>> >>> >>>Thanks in Advance >>>Mauro >>> >>> >> >>A year ago, I was in the same boat as you..... I now have all my Linux >>machines >>authenticating to OpenLDAP database, and all my Windows machines >>authenticating >>to a Samba domain, which is using the same LDAP db as it's backend. It took >>a >>lot of work and a lot of how-to reading, but I finally made it ;) >> >>I started small, just getting the LDAP database working. I then went on to >>figure out how to use PAM, nsswitch, et al, to auth my linux workstations to >>ldap. >> >>Finally I got my Samba server working as a Windows domain, and using LDAP. It >>was a long road, but worth it, and I now have much more knowledge of the >>subject. >> >>Contact me if you want my pertinent config files. > > > I've also been pondering this for a while; have you got any particular > links you found useful .... howtos, etc.? > > Regards > > Clive >
I'll throw some links in from where I've emailed them to myself in the past for future reference. I don't have time right now to go through them all to see what were the most useful (and I truthfully don't remember -- this whole process involved a bunch of small 'eureka moments', and I didn't do a good job documenting them), so I'll just throw them out there, along with some of my bookmarks... http://www.linux.com/article.pl?sid=05/10/18/1732231 http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html_single/LDAP-Implementation-HOWTO.html http://www.enterprisenetworkingplanet.com/netsecur/article.php/3514511 http://groups-beta.google.com/group/linux.samba/browse_thread/thread/353078cfd35f7f41/217a96e9e79cd0b7?q=openldap+backup&rnum=3&hl=en#217a96e9e79cd0b7 http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html http://www.linuxjournal.com/article/8374 http://www.fatofthelan.com/articles/articles.php?pid=24 http://searchopensource.techtarget.com/tip/1,289483,sid39_gci1152805,00.html http://www.metaconsultancy.com/whitepapers/ldap-linux.htm http://www.imaginator.com/~simon/ldap/ http://tldp.org/HOWTO/User-Authentication-HOWTO/index.html http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam.html http://bbm/phpldapadmin/ http://www.linuxjournal.com/article/8119 - -- - -------------------------------------------------------------------------------- A figure with curves always offers a lot of interesting angles. Saturday Jan 14, 2006 - -------------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQEVAwUBQ8l7rq3rZxntQpytAQISuAf9EsVbwQ86V7+Jd/tV4aN3g2VsByA221y2 w6BTZxcfwuUZ7NeDCYffV4HKTdKPbcvsGLiNw3zvb0Bng+Lpymnsc9CWYnNDKP/S 5p89w25oPT4XM3nNXxwMapvNjveuLDK73Ai9hQaODRtaGG0shV+dolJZzSd3GqPt uQVlezJ78oW4q00eCyRFZLRvVpthlSfCQGoG43kH/ZAY61H19D4OfsDPAzW34iop cMICpWk5kXjZLpreJuwPqIv3K95jyF/b9oNOZwNBN/HwCHGM/iVlmnqfh835t3or tPzrangxSu/yzflBBOobzBONfXbhQcm0CDUyEQtr6HCVQyMNzTKwPg== =hgFO -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
