On Wed, 2003-10-01 at 22:20, Martin Fahrendorf wrote: > Am Mittwoch, 1. Oktober 2003 20:18 schrieb James D. Parra: > > Hello, > > > > What is the best method to have one central Linux server handling login > > authentication for Linux and windows machines? > > > > What I would like to achieve is; > > > > 1) Provide only network server logins for Linux boxes and have no local > > accounts on any Linux machine. > > LDAP is the way to go. use pam_ldap if only linx accounts are used. If you > want to use the sam password for windows and linux use pam_smb. > > > > > 2) Have /home/$USER reside on the centralized Linux login server and not on > > local machines. > > NFS (but it is insecure if you don't trust your network).
A lot more secure (and robust) is to use shfs. I've not built it on 9.2 but I've used it on 8.2 - 9.1 without a hitch. URL is http://shfs.sourceforge.net/ One thing it doesn't do is hang my box if I loose connectivity. I use to make my home box a "file server" for my laptop... dang handy. Since it operates over ssh I don't have to have extra ports open etc. James > > > > > 3) Ditto for windows machines (I know I can achieve this with Samba for > > windows clients, unless there is a better way) > > See above. you need samba to authenticate windows. samba handles the user > acounts via ldap too. > > > > > If anyone has this type of environment set up, I would greatly appreciate > > your help and advice. > > Yes, we have configured it that way. But wee use different passwords for > windowsd and unix accounts. Everything is in ldap. We have three ldap server > (one master, two slaves) postfix is configured via ldap (aliases canonicals > et al). Only cyrus (imap server) has its own user database. Addressbook is > stored in LDAP (KMail, Mozilla and Outlook grabs the e-mail addresses from > the ldap store -- autocompletion). Every authentication is done against ldap > (wherever possible) like proxy mail and others more. > > > > > Many thanks in advance, > > > > > > James > > Martin
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
