At 04:38 PM 11/22/2002 -0600, you wrote:
>On Fri, 2002-11-22 at 15:32, -ray wrote:
> > On 22 Nov 2002, Shannon Roddy wrote:
> > See www.padl.com. They are the guys that maintain the pam_ldap module,
> > and have lots of LDAP info in general. Also i think the Linux LDAP howto
> > covers this (using OpenLDAP). We use eDirectory, but LDAP is LDAP. :)
> > On Redhat, use authconfig to set it up once your directory is running.
> > It'll be changing some stuff in /etc/nsswitch and /etc/pam.d/system-auth.
> >
>
>I'll check these pages out. Like I say, I have Linux and Solaris
>whooped, it is just a matter of tying windows into the mix now.
An alternative to consolidating your authentication information is to
maintain what are essentially mirrors across two authentication systems.
Easier than it sounds! What I mean is to maintain NIS+ on the UNIX side and
AD or NT domains on the Windows side:
create user ----> create NIS+ account
|--> create AD account
delete user ----> delete NIS+ account
|--> delete AD account
change-pass ----> change NIS+ password
|--> change AD password
You would need to create a custom user and group management system, but it
wouldn't be that hard. This can be done in Perl, probably Python, WSH for
the Windows-specific code, or any number of languages.
---
Dustin Puryear <[EMAIL PROTECTED]>
Puryear Information Technology
Windows, UNIX, and IT Consulting
http://www.puryear-it.com
