[389-users] Migrating to LDAP authentication
muzzol
muzzol at gmail.com
Tue Feb 2 14:09:32 UTC 2010
2010/2/2 Sean Carolan <scarolan at gmail.com>:
> Perhaps some of you have gone down this path before and can offer some
> helpful suggestions. I need to convert a group of servers to LDAP
> authentication. Most of the user accounts on these systems have
> consistent uids and gids across all the servers. There are a few
> exceptions but the people who need to access the servers on a daily
> basis should all have the same account uid on every machine.
>
> My questions are:
>
> 1. Can you disable local authentication for all users except root
> once LDAP authentication is in place?
>
dont create any "root" user on LDAP and...
> 2. If there are some users who only need access to a small number of
> servers, how would you handle that situation?
>
modify /etc/security/limits.conf to your needs
> 3. When adding new users, do you create them a private group to avoid
> this error?
i always create users in a default generic group, but that has nothing
to do with your error.
> id: cannot find name for group ID 5001
>
you probably have nsswitch.conf missconfigured.
regards,
muzzol
--
========================
^ ^
O O
(_ _)
muzzol(a)muzzol.com
========================
jabber id: muzzol(a)jabber.dk
========================
No atribueixis qualitats humanes als ordinadors.
No els hi agrada.
========================
"El gobierno español sólo habla con terroristas, homosexuales y
catalanes, a ver cuando se decide a hablar con gente normal"
Jiménez Losantos
========================
<echelon spamming>
bomb terrorism bush aznar teletubbies
</echelon spamming>
More information about the 389-users
mailing list