> > libpam-ldap will allow password change. The rest have to be done > > manually (or through some customized software. I am considering > > Ganymede.) Although there is a nice package pam-mkhomedir that will > > automatically create homedirs (and copy /etc/skel stuff) if it does > > not exist. > > Where can I find that script? It is a package in potato. > I think we're going to go with ldap, so I'm going to have to figure > out how we want to handle adding/deleting users, etc. I suppose I'll > just whip up some scripts, but I wouldn't mind having a good one as a > reference.
Yea, I am in exactly the same situation as you are. And I am looking at a good way to administer the users etc. Unfortunately, I can't find a working solution (or one requiring minimal changes). What I gathered so far: - Ganymede: java based administration tool, keeps its own database, would require you to buid your own classes to upload to LDAP. I have not been able to make Ganymede work so far; - Webmin: perl based cgi scripts. LDAP stuff has to be done from scratch; - linuxconf has a ldapconf module. Very early in the development and so far mostly deals with configuring slaps instead of administering the users. Did not manage to test it (guess need more time to play with linuxconf) > First I need to look in to ldap and see what the tools are > for editing the database from the command line (if that's possible). Sure. There are utilities to do everithing (search, change, add, etc.) They are part of openldap-* packages. There is also very convenient "gq" (also in patato) which allows you to brows you directory and add/modified entries (though not suitable for real administration). Keep me informed of your findings. Sergey.
