Am 22.07.2016 um 01:11 schrieb David Sommerseth: > Have a look at authconfig and sssd. The former should help configure > all these things for you, including proper PAM setup as well as LDAP and > Kerberos. For SSSD it is in particular helpful on laptops, where > authentication data can be cached locally to be capable of offline > authentication as well as caching enough information to automatically > fetch a Kerberos ticket once the network access has been established.
I already had been using authconfig for sssd setup. Authentication (via AD/ldap) and caching works well. I only need per user mounting of their AD-directories and hadn't found a hint in the authconfig man page. > And SSSD do have some support for handling the autofs/automount stuff too. Ok, that seems the way to go. Through your tip I now found that there is an autofs/automount via "ldap_autofs_*" in sssd. Let's see if I get this set up. > Otherwise, do have a look at the FreeIPA stuff too. There's a lot of > good things in that package, which also doesn't require much resources > on the server side. For clients, it gets even easier. You just need to > install the proper IPA packages and run ipa-server-install or > ipa-client-install, that's mostly all you need. FreeIPA also makes use > of SSSD and authconfig under the hood. Yeah, looks like good thing but afaics I would have to set up a server for that. I think at first I have to get comfy with the basics in the "red hatted" world (I am coming from a debianic and SUSE background). Thank you for your hints! Cheerz, Lars
smime.p7s
Description: S/MIME Cryptographic Signature
