Yeah, I actually just realized that SSSD was available for RH5 derivatives, Ubuntu, and Debian, which I did not know. That would narrow the field a lot. However, it doesn't seem to be available on Amazon Linux, which is the driving factor to rebuild this framework.
-- ~*~ StormeRider ~*~ "Every world needs its heroes [...] They inspire us to be better than we are. And they protect from the darkness that's just around the corner." (from Smallville Season 6x1: "Zod") On why I hate the phrase "that's so lame"... http://bit.ly/Ps3uSS On Wed, Oct 1, 2014 at 8:49 AM, Atom Powers <[email protected]> wrote: > Generally, in my experience, the difference comes from the way PADL > nss-ldap and pam-ldap packages are built, which determines where the > configuration files should be. > > If you can, I'd try to standardize on sssd, which seems to be more stable > and have better compatibility for newer version of Active Directory. If you > are force to use nss-ldap and pam-ldap then you have, IIR, three or four > configuration files that you need to manage which may be in three or four > places. IIR, I ended up putting multiple copies of the configuration files > in any place that they might be needed (symlinks actually) for easier > deployment on multiple OSs. > > > On Wed, Oct 1, 2014 at 8:41 AM, Morgan Blackthorne <[email protected]> > wrote: > >> So we use an Active Directory system to consolidate user accounts, and >> point our Linux boxes at our domain controllers via LDAP. Common scenario, >> right? What's confusing me is the multiple ways that you can configure LDAP >> client on various Linux systems. As far as I can tell there's: >> >> 1. Debian / Ubuntu - libpam-ldap / libnss-ldap >> 2. RHEL 5 - nss_ldap >> 3. CentOS 5 - openldap-clients >> 4. RHEL 6 / CentOS 6 - SSSD >> 5. Oracle Linux - ?? (not sure but I assume it more closely follows >> RHEL) >> 6. Amazon Linux - nss-pam-ldapd >> >> As far as I can tell, SSSD is not available for Amazon Linux. And yet >> it's a different configuration setup than any of the other systems. This is >> the newest addition; I was hoping I could configure it either via SSD or >> like RH 5, but it's looking to be its own special snowflake. *sigh* >> >> How do you all manage things, or are we just really abnormal for running >> such a mix of OSes? We've been working to get everything into Chef, and I'm >> refactoring the LDAP setup piece to be its own cookbook for clarity's sake, >> and ideally would like to simplify the configuration into as few different >> options as possible. Suggestions very welcome. >> >> -- >> ~*~ StormeRider ~*~ >> >> "Every world needs its heroes [...] They inspire us to be better than we >> are. And they protect from the darkness that's just around the corner." >> >> (from Smallville Season 6x1: "Zod") >> >> On why I hate the phrase "that's so lame"... http://bit.ly/Ps3uSS >> >> _______________________________________________ >> Discuss mailing list >> [email protected] >> https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss >> This list provided by the League of Professional System Administrators >> http://lopsa.org/ >> >> > > > -- > Perfection is just a word I use occasionally with mustard. > --Atom Powers-- >
_______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
