Hmmm...if only we could find someone who has done this before, perhaps at several clients. Ideally, if we could find someone that has also setup openvpn authenticating via pam, which is using ldap behind it. I know I'm dreaming when I say this, but if they were also familiar with the smbldap-* tools, configuring pam to use ldap, etc., but also was aware that this was a relatively complex process and didn't try to address it all in one class.
Man, that would be killer... Shane O. On 5/20/06, Rick DeNatale <[EMAIL PROTECTED]> wrote:
On 5/20/06, Jason Tower <[EMAIL PROTECTED]> wrote: > i've set this up for several clients. the base is to use samba and ldap > with the smbldap-tools to tie them together. the tools are used to > populate and maintain the user definitions - instead of 'useradd' you > run 'smbldap-useradd', instead of 'passwd' you run 'smbldap-passwd' and > so on. once the ldap db is populated, you can set up samba to lookup > everything in ldap, do roaming profiles, all that crap. you can also > configure pam to use ldap so *nix machines can auth against it. > combined with mounting /home via nfs, it works very well when dealing > with multiple servers. and of course you can set up other services like > postfix, courier, apache, etc to use ldap auth (or pam). at one client > i even have an openvpn server authenticating against pam, which in turn > points to ldap. > > the thing is, it's not trivial to set up, and even a two hour class > would barely scratch the surface. but if you're willing invest the time > to learn the ins and outs of the various pieces it works extremely well. Perhaps we could structure this as a series of classes, we'd need to structure it and find volunteers to teach. Any offers? -- Rick DeNatale IPMS/USA Region 12 Coordinator http://ipmsr12.denhaven2.com/ Visit the Project Mercury Wiki Site http://www.mercuryspacecraft.com/ -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
-- Shane O. ======== Shane O'Donnell [EMAIL PROTECTED] ==================== -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
